> to that, any subsequent request will not be seen by either apache or
> mod_auth at all.
>
> You have a few options:
> 1) IP Whitelists are a rather poor means of authentication. Moving to
> something else might be prudent. But that's not easy.
> 2) There are probably VMOD
will return the cached response to any IP address that comes
>>> calling. Even if the first request comes from a valid IP, which gets
>>> passed through via X-Forward or similar, and mod_auth is tweaked to respond
>>> to that, any subsequent request will not be seen by ei
d_auth at all.
>>
>> You have a few options:
>> 1) IP Whitelists are a rather poor means of authentication. Moving to
>> something else might be prudent. But that's not easy.
>> 2) There are probably VMODs that do something similar. If not and if the
>> list of
ou could limit the IPs in VCL rather than
> mod_auth.
> 3) Push the list of IP addresses that can connect to the external port
> down to IPTables or similar.
> 4) Push the list of IP addresses to external Firewall, or Security Group
> or whatever.
>
>
>
> On Thu, Mar
t; 1) IP Whitelists are a rather poor means of authentication. Moving to
>>> something else might be prudent. But that's not easy.
>>> 2) There are probably VMODs that do something similar. If not and if
>>> the list of IPs isn't too long, you could limit the IPs in VC
something similar. If not and if the
>> list of IPs isn't too long, you could limit the IPs in VCL rather than
>> mod_auth.
>> 3) Push the list of IP addresses that can connect to the external port
>> down to IPTables or similar.
>> 4) Push the list of IP addresses to extern
nal port
> down to IPTables or similar.
> 4) Push the list of IP addresses to external Firewall, or Security Group
> or whatever.
>
>
>
> On Thu, Mar 16, 2017 at 5:46 PM, Hernán Marsili <her...@cmsmedios.com>
> wrote:
>
> Hi,
>
> We are having an issue with VARN
2017 at 5:46 PM, Hernán Marsili <her...@cmsmedios.com>
> wrote:
>
>> Hi,
>>
>> We are having an issue with VARNISH and apache mod_auth. Varnish is on
>> port 80 serving users and Apache is the backend.
>>
>> We have servers restricting access o
<her...@cmsmedios.com>
wrote:
> Hi,
>
> We are having an issue with VARNISH and apache mod_auth. Varnish is on
> port 80 serving users and Apache is the backend.
>
> We have servers restricting access only to authenticated users or certain
> IP addresses. Since we
Hi,
We are having an issue with VARNISH and apache mod_auth. Varnish is on port
80 serving users and Apache is the backend.
We have servers restricting access only to authenticated users or certain
IP addresses. Since we installed Varnish the issue is that we need to
enable 127.0.0.1
10 matches
Mail list logo
