Apache ProxyPass help
2007-12-24 23:38:00
codeprof list is far better than any other list for getting real
answers to my questions anyway.
Here's my dilemma:
I'd like to allow people to access documents on a server which is behind a
firewall from my webserver. The other server allows access from my
webserver on port 80, but doesn't allow access from anyone else.
I set up the following on a test server:
<IfModule mod_proxy.c>
ProxyRequests Off
ProxyPass /proxy http://server.behind.firewall.com/
</IfModule>
I'm able to type in
my.server.com/proxy/document_on_server_behind_firewall.pdf
and get the document. I'm also able, however, to select my.server.com as a
proxy server in browser preferences, and bring up cnn.com using my
webserver as the proxy. It's a very screwed-up looking cnn.com (not all
the images load, the text is in large clumsy looking fonts) but
nevertheless the page comes up.
Can this be exploited? Is there a way to set it up so that I can proxy
through to these docs on the other server but not allow people to use my
server as a proxy server for anything else? I can't set up allow/deny
lists because the general public needs to be able to download these
documents from my webserver.
I thought that reverse proxying would keep people from using my server as
a proxy while allowing the docs to come over, but it didn't seem to
work. I did the exact same config as above but with "ProxyPassReverse"
Any help would be appreciated
Thanks,
Dave
Dave Lowenstein
Programmer/Analyst
Instructional Technology Services
San Diego State University
(619)594-0270
http://www-rohan.sdsu.edu/dept/its
Comments
Got something to say?
You must be logged in to post a comment.
