When you rewrite your applications to become secure (i.e. URL = 'https'), the latest versions of the browsers will complain if you leave URLs with the scheme ftp:// - and they don't really support sftp: or ftps:. They throw a 'mixed content' error if a page which is served via SSL has URLs which are not secure and ftp is one of these. You would use mod_proxy_ftp if you want to replace the ftp: URLs with https URLs, yet allow the existing ftp server with all its logging and associated metrics to serve these requests. I know some of the people who watch this list know the nuances of some of the modules and perhaps there was something obvious to make the mod_proxy_ftp pass the client IPs to the ftp server backend so that is why I posted here. The counterargument is to say ftp is obsolete so just do the metrics from the access_log.
On Wed, Jul 25, 2018 at 8:01 AM, Walter H. <[email protected]> wrote: > On 24.07.2018 19:28, Harbo, Peter wrote: > > The mod_proxy_ftp module is working fine for me using release 2.4.25 to > send urls matching a pattern to a proftpd server running on the same > system. I have noticed that the source IP address in the ftpd log is the > same as the httpd running the mod_proxy_ftp module. Am I correct in > assuming that neither mod_remoteip nor any other configuration options of > httpd can cause httpd's ftp proxy module to spoof the IP address of the > client sending the request to httpd? Otherwise this works nicely but we > need the correct IP addresses in the proftpd log for metrics. > > why not just letting the folks directly to the FTP with anonymous? > so there is no need of this proxy module and you have the real IP > addresses in the log; > >
