I used to block access to certain folder of my Apache server using valid-user or ip directive, like the following:
<Directory "/home/domain/public_html/secure">
Require ip x.x.x.x
Require ip y.y.y.y
AuthType Basic
AuthUserFile "/home/domain/secure/pass"
AuthName "Authentication Required"
Require valid-user
Satisfy Any
</Directory>
Now, I have placed my server behind an F5-BIGIP device which won’t let me fully DNAT client’s connections. The device is also behind a Linux server that serves as gateway with DNAT/SNAT rules hat are working accordingly. I can log client’s IPs through X-Forwarded_For, though. But my Apache directives are not working anymore.
So my question is, is there any way I could use something like Require X-Forwarded-For x.x.x.x?
My Apache Version is:
[root@webserver1 ~]# apachectl -version Server version: Apache/2.4.6 (CentOS) Server built: May 12 2016 1
0:27:23
Thanks in advance.
Advertisement
Answer
You should be able to do something like:
SetEnvIf X-Forwarded-For x.x.x.x$ foo SetEnvIf X-Forwarded-For y.y.y.y$ bar ... Require env foo Require env bar