Hello,
I'm upgrading my apache configuration. If anyone who is a server
security admin could take a look at this configuration, I need to know
if the ciphers chosen are all pfs, have the strongest settings?
SSLInsecureRenegotiation Off
SSLSessionTickets Off
SSLOpenSSLConfCmd DHParameters
You can filter based on the X-Forwarded-For header or use mod_remoteip.
mod_remoteip will rewrite the remote address so you can use standard
filters.
To use X-Forwarded-For, you can do something like this:
SetEnvIF X-Forwarded-For "^192\.168\.10\.\d+$" MY_PRIVATE_NETWORK1
SetEnvIF X-Forwarded-For
Any suggestions on how to implement access control for ip address ranges to
specific files on back end hosts when going thru Apache load balancer?
For example, you do not want external IPs to access "filename.php" on your
backend hosts thru load balancer
