[OT] User problem: Apache-Rewrite - Firewall - Problem
Andreas Tille
tillea at rki.de
Fri Mar 23 18:52:24 UTC 2007
On Fri, 23 Mar 2007, Fabio Tranchitella wrote:
> You should use 127.0.0.1 or localhost instead of a.b.c.d at the first
> occurrence.
Well, that failed for me formerly with apache 1.3 and I also tested it
now with apache2 (2.2.3, Etch package) ... but I'll try.
> Could you please confirm us that the mod_proxy is enabled and loaded?
$ ls -l /etc/apache2/mods-enabled/p*
lrwxrwxrwx 1 root root 33 2007-03-22 10:33 /etc/apache2/mods-enabled/proxy_http.load -> ../mods-available/proxy_http.load
lrwxrwxrwx 1 root root 28 2007-03-22 15:58 /etc/apache2/mods-enabled/proxy.load -> ../mods-available/proxy.load
What else can I do to convince you? Is there any way to proof that these
modules are really loaded?
> Also, add this snippet (tested with apache2, not sure if it works on apache
> 1.3) to your virtual host configuration:
Well, tha actual problem concerns only apache2 (Etch) so we can
forget any 1.3 issues.
>
> <Proxy *>
> Order deny,allow
> Allow from all
> </Proxy>
This snipped would be included if I would do
ln -s ../mods-available/proxy.conf /etc/apache2/mods-enabled/proxy.conf
> <IfModule mod_proxy.c>
> ProxyVia On
> # prevent the webserver from beeing used as proxy
> <LocationMatch "^[^/]">
> Deny from all
> </LocationMatch>
> </IfModule>
I did as above /set the link to proxy.conf and changed the rewrite
rule to
RewriteRule ^(.*) http://127.0.0.1:9673/VirtualHostBase/http/a.b.c.d:80/mydir/VirtualHostRoot$1 [P,L]
My browser said:
You don't have permission to access / on this server.
Apache error.log sais:
[Fri Mar 23 18:44:52 2007] [error] [client 217.81.80.129] client denied by server configuration: proxy:http://127.0.0.1:9673/VirtualHostBase/http/a.b.c.d:80/agi/VirtualHostRoot/
[Fri Mar 23 18:44:53 2007] [error] [client 217.81.80.129] client denied by server configuration: proxy:http://127.0.0.1:9673/VirtualHostBase/http/a.b.c.d:80/agi/VirtualHostRoot/favicon.ico
Apache access.log sais:
217.81.80.129 - - [23/Mar/2007:18:44:52 +0100] "GET / HTTP/1.0" 403 284
217.81.80.129 - - [23/Mar/2007:18:44:53 +0100] "GET /favicon.ico HTTP/1.0" 403 295
I could also send a rewrite log but I do not see any interesting things.
I would say this promotes my theory that the browser tries to query
my client localhost. Next I would try to find out whether apache mod_proxy
is loaded if you tell me, how to do this.
Kind regards
Andreas.
--
http://fam-tille.de
More information about the pkg-zope-developers
mailing list