Apache Access Control to IPs (X-Forwarded-For) or valid-user

I used to block access to certain folder of my Apache server using valid-user or ip directive, like the following:

<Directory "/home/domain/public_html/secure">
    Require ip x.x.x.x
    Require ip y.y.y.y
    AuthType Basic
    AuthUserFile "/home/domain/secure/pass"
    AuthName "Authentication Required"
    Require valid-user
    Satisfy Any
</Directory>

<Directory "/home/domain/public_html/secure">

    Require ip x.x.x.x

    Require ip y.y.y.y

    AuthType Basic

    AuthUserFile "/home/domain/secure/pass"

    AuthName "Authentication Required"

    Require valid-user

    Satisfy Any

</Directory>

​

Now, I have placed my server behind an F5-BIGIP device which won’t let me fully DNAT client’s connections. The device is also behind a Linux server that serves as gateway with DNAT/SNAT rules hat are working accordingly. I can log client’s IPs through X-Forwarded_For, though. But my Apache directives are not working anymore.

So my question is, is there any way I could use something like Require X-Forwarded-For x.x.x.x?

My Apache Version is:

[root@webserver1 ~]# apachectl -version
Server version: Apache/2.4.6 (CentOS)
Server built:   May 12 2016 1

[root@webserver1 ~]# apachectl -version

Server version: Apache/2.4.6 (CentOS)

Server built:   May 12 2016 1

​

0:27:23

Thanks in advance.

Answer

You should be able to do something like:

SetEnvIf X-Forwarded-For x.x.x.x$ foo
SetEnvIf X-Forwarded-For y.y.y.y$ bar
...
Require env foo
Require env bar

SetEnvIf X-Forwarded-For x.x.x.x$ foo

SetEnvIf X-Forwarded-For y.y.y.y$ bar

...

Require env foo

Require env bar

​