我有一个简单的正向代理,需要进行用户身份验证和 IP 地址白名单。我创建了以下虚拟主机:
ProxyRequests On
ProxyVia On
<Proxy xx.xxx.xx.xxx:8888>
Order deny,allow
Allow from xx.xxx.xx.xxx
Allow from xx.xxx.xx.xxx
Allow from xx.xxx.xx.xxx
Allow from xx.xxx.xx.xxx
AuthType Basic
AuthName "Password Required for Proxy"
AuthUserFile /etc/apache2/.proxyhtpasswd
Require user
</Proxy>
代理本身工作正常,但用户身份验证和允许 IP 却不行。我更改了配置 10 次,即使只有 Auth 块,它仍然可以工作,而无需使用(有效的)用户/密码或拥有正确的 IP 地址。
我也尝试通过普通的 VirtualHost 配置来配置它,但仍然没有成功:
<VirtualHost xx.xxx.xx.xxx:8888>
ProxyRequests On
ProxyVia On
SSLProxyEngine On
<Location />
Order Deny,Allow
Deny from all
Allow from xx.xxx.xx.xxx
Allow from xx.xxx.xx.xxx
Allow from xx.xxx.xx.xxx
Allow from xx.xxx.xx.xxx
AuthType Basic
AuthBasicProvider file
AuthName "Password Required for Proxy"
AuthUserFile /etc/apache2/.proxyhtpasswd
Require valid-user
</Location>
</VirtualHost>
答案1
我认为要么
Require valid-user
或者
Require user [theusername]
但不是
Require user
看:http://httpd.apache.org/docs/current/mod/core.html#require
答案2
我通过将 Proxy 指令与 VirtualHost 指令结合起来解决了这个问题。
<VirtualHost xx.xxx.xx.xxx:8888>
ProxyRequests On
ProxyVia On
SSLProxyEngine On
<Proxy *>
Order Deny,Allow
Deny from all
Allow from xx.xxx.xx.xxx
Allow from xx.xxx.xx.xxx
Allow from xx.xxx.xx.xxx
Allow from xx.xxx.xx.xxx
AuthType Basic
AuthBasicProvider file
AuthName "Password Required for Proxy"
AuthUserFile /etc/apache2/.proxyhtpasswd
Require valid-user
</Proxy>
LogLevel warn
ErrorLog ${APACHE_LOG_DIR}/proxy-error.log
CustomLog ${APACHE_LOG_DIR}/proxy-access.log combined
</VirtualHost>