[Mod_gzip] warning when working with mod_proxy for SSL & mod_gzip
Nicola Fankhauser
mod_gzip@lists.over.net
18 Jan 2003 11:41:36 +0100
hello
I just analysed my server log files and saw strange things going on -
and was quite shocked when I realized that my mod_proxy configuration
allowed _everyone_ access, not only to my server, but acting as real
proxy server.
So I'd like to add a complementary httpd.conf snippet to my solution of
the mod_gzip & SSL problem. Let's assume, your SSL virtual host listens
to address 127.0.0.1 on port 80, then you should _absolutely_ add these
lines to your httpd.conf:
---
<IfModule mod_proxy.c>
<Directory proxy:*>
order deny,allow
deny from all
</Directory>
<Directory proxy:http://127.0.0.1/>
order deny,allow
allow from all
</Directory>
</IfModule>
---
regards
nicola