Apache “require ip” is not working when behind proxy. How to limit website access to IP when Apache is behind proxy.

I had a case where Apache did not respect the directives in .htaccess with ‘require ip‘ and I couldn’t limit the website to certain addresses. The problem is that when Apache is behind a proxy ( HAProxy in this case ), the ‘require ip‘ will not pass the correct IP address. The correct IP address of the visitor is located in the ‘X-Forwarded-For’ variable. Therefore, .htaccess needs to be modified so that instead of ‘require ip’, it will respect another variable into which we will pass the values of ‘X-Forwarded-For’.

Below is an example of how it was solved in a case where it was necessary to request a password only if the website visitor did not come from a specific IP address which is added to the exceptions.”

Example:

<If "%{HTTP_HOST} == 'this.isnowworking.com'">
SetEnv IF_MATCHES_HOST true
AuthUserFile /etc/httpd/.htpasswd
AuthType Basic
AuthName "Restricted access"

SetEnvIF X-Forwarded-For "1.1.1.1" AllowIP
SetEnvIF X-Forwarded-For "2.2.2.2" AllowIP
SetEnvIF X-Forwarded-For "3.3.3.3" AllowIP

<RequireAny>
Require valid-user
Require env AllowIP
</RequireAny>
</If>

Got Something To Say:

Your email address will not be published. Required fields are marked *

*

I accept the Privacy Policy

This site uses Akismet to reduce spam. Learn how your comment data is processed.

© 2024 geegkytuts.net
Hosted by SIEL


About author