Apache reverse proxy access control

Posted by Steven on Server Fault See other posts from Server Fault or by Steven
Published on 2010-04-09T06:00:57Z Indexed on 2010/04/09 6:03 UTC
Read the original article Hit count: 460

Filed under:
|

I have an Apache reverse proxy that is currently reverse proxying for a few sites. However i am now going to be adding a new site (lets call it newsite.com) that should only be accessible by certain IP's. Is this doable using Apache as a reverse proxy?

I use VirtualHosts for the sites that are being proxyied. I have tried using the Allow/Deny directives in combination with the Location statements. For example:

<VirtualHost *:80>  
Servername newsite.com   
<Location http://newsite.com>
Order Deny,Allow
Deny from all
Allow from x.x.x.x
</Location>
<IfModule rewrite_module>
 RewriteRule ^/$ http://newsite.internal.com [proxy]
</IfModule>

I have also tried configuring allow/deny specicaily for the site in the Proxy directives, for example

<Proxy http://newsite.com/>
  Order deny,allow
  Deny from all
  Allow from x.x.x.x
</Proxy>

I still have this definition for the rest of the proxied sites however.

<Proxy *>
  Order deny,allow
  Allow from all
</Proxy>

No matter what i do it seems to be accessible from any where. Is this because of the definition for all other proxied sites. Is there an order to which it applies Proxy directives. I have had the newsite one both before and after the * one, and also within the VirtualHost statement.

© Server Fault or respective owner

Related posts about apache

Related posts about reverse-proxy