What did you do in the external Apache config to get this to work?
I've been playing with reverse proxies but can't get it to work...
I do a similiar thing. I have a hardened server that proxies mythweb connections with basic username/password authentication and it only allows connections from a few ip addresses. I also added output compression since my uplink speed is slow and this allows for a faster loading of mythweb from outside my network. I usually have port 80 closed and just use ssh forwarding to get in, but I sometimes open port 80 from my router and I feel safe this setup keeps people away.
I created /etc/http/conf.d/mythweb.conf:
<IfModule mod_proxy.c>
ProxyRequests On
ProxyPass /mythweb http://mythtv.backend.server/mythweb
ProxyPassReverse /mythweb http://mythtv.backend.server/mythweb
<Proxy *>
Order deny,allow
Deny from all
Allow from 127.0.0.1
Allow from 192.168.1.201 192.168.1.202 192.168.1.203
Allow from 192.168.1.2 192.168.1.3
</Proxy>
<Location /mythweb>
AuthType Basic
AuthName "MythTV"
AuthUserFile "/etc/httpd/passwd"
Require user mythtv
SetOutputFilter DEFLATE
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/php
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
Header append Vary User-Agent env=!dont-vary
</Location>
</IfModule>
ProxyRequests On
ProxyPass /mythweb http://mythtv.backend.server/mythweb
ProxyPassReverse /mythweb http://mythtv.backend.server/mythweb
<Proxy *>
Order deny,allow
Deny from all
Allow from 127.0.0.1
Allow from 192.168.1.201 192.168.1.202 192.168.1.203
Allow from 192.168.1.2 192.168.1.3
</Proxy>
<Location /mythweb>
AuthType Basic
AuthName "MythTV"
AuthUserFile "/etc/httpd/passwd"
Require user mythtv
SetOutputFilter DEFLATE
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/php
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
Header append Vary User-Agent env=!dont-vary
</Location>
</IfModule>
Obviously change 'Allow from' to fit your needs and mythtv.backend.server to your MythTV ip or hostname. The Location section says to authenticate using the user 'mythtv' with the password stored in /etc/httpd/passwd. See 'man htpasswd' about creating a proper Apache password file. The rest of the Location section says to gzip all html, plaintext, xml, php pages sent out (but leave gifs, jpgs, pngs, alone) to any none IE browser. Firefox and Safari can deflate these files properly.
After dropping this conf file in /etc/httpd/conf.d, restart Apache.
--
-J
_______________________________________________ mythtv-users mailing list [email protected] http://mythtv.org/cgi-bin/mailman/listinfo/mythtv-users
