With a little side of applesauce...

Tuesday, January 30, 2007

Debian Apache2 libapache2-mod-rpaf

On a similar note to my last posting, I have found mod-rpaf, reverse proxy add forward module for Apache (mod_rpaf), written by Thomas Eibner. This module works with both apache 1.3 and apache2, but is most interesting to me as an Apache2 module. Since we are running a Debian apache2 package, you can imagine my great pleasure in finding libapache2-mod-rpaf packaged as a Debian package. I simply installed the package:

apt-get install libapache2-mod-rpaf

modified /etc/apache2/mods-enabled/rpaf.conf to reflect the ip addresses of our proxy servers:

RPAFenable On
RPAFsethostname On
RPAFproxy_ips 192.168.1.2 192.168.1.3 192.168.1.4

And, voila! Apache2 could now use the “original client ip” for access control again…

DON’T FORGET! If you have modified your LogFormat directive to replace “%h” (client ip address) with “%{X-Forwarded-For}i”, (contents of x-forwarded-for header), change them back, or your log files will not accurately reflect the changes created by mod-rpaf.

No comments: