假设我希望以下客户端仅访问特定的互联网apache2转发代理后面的服务器:
Client-1-IP: www.google.com
Client-2-IP: www.gmail.com
Client-3-IP: www.cnn.com
Client-4-IP: www.chess.com
这可能吗?我在Debian 8上运行Apache 2.4.10。目前,我允许特定的客户通过此访问整个互联网配置值,但希望能够指定一个特定的值客户端只能访问特定的Internet服务器:
<VirtualHost *:8080>
ProxyRequests On
Proxyvia On
<Proxy "*">
Order deny,allow
Deny from all
Allow from <ip-1>
Allow from <ip-2>
Allow from <ip-3>
</Proxy>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
谢谢。
仅供参考,在其他线程中已在here上进行了详细说明。以我为例,我想将Apache 2.4服务器配置为充当另一台机器上的Maven的正向代理,而无需访问Internet。请注意,Apache 2.4中的限制语法已更改,因此,如here所述,Allow / Deny / Order关键字应替换为Require子句。例如,假设我们希望我们的代理在myhost.com:7775上侦听,并仅允许访问192.168.1.1,并仅转发到* .maven.org或* .apache.org。然后我们需要在vhosts配置中执行以下操作(我想可能会有一种更简单的方法来组合多个允许的远程主机):
<VirtualHost myhost.com:7775>
ProxyRequests On
ProxyVia On
# block all domains except our target
<ProxyMatch ^((?!maven\.org).)*$>
Require all denied
</ProxyMatch>
<ProxyMatch ^((?!apache\.org).)*$>
Require all denied
</ProxyMatch>
# only allow our IP for a specific target
<ProxyMatch maven\.org >
Require ip 192.168.1.1
</ProxyMatch>
<ProxyMatch apache\.org >
Require ip 192.168.1.1
</ProxyMatch>
</VirtualHost>