On Tue, 19 Dec 2006, Davide Bianchi wrote:
You've upgraded from what?
rel 3.
Have you checked if the problem could be caused by the fact that SELinux is
by default enabled in RH EL, and maybe Apache can't read the .htaccess file?
yes. selinux is indeed enabled. however, it's not logging
we've recently upgrade to redhat enterprise rel 4. for some reason .htacess
files are no longer being read. we're not seeing any errors in apache logs or
selinux logs and configuration has not changed. has anyone else seen this or
is more likely that we've fat fingered something?
regards.
-a
On Thu, 7 Dec 2006, Joshua Slive wrote:
On 12/7/06, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>> still, i think even REMOTE_ADDR could be spoofed easily couldn't it?
>
> No, it is determined directly from the TCP/IP connection information
which
> cannot be (easily) spoofed. The Client-IP
On Thu, 7 Dec 2006, Joshua Slive wrote:
You should be fine if:
1) the proxy clears any existing Client-IP header before setting its own; and
2) the back-end box accepts connections only from the proxy.
(The latter one is a little tricky, since you can't use mod_access to
do this restriction in
On Thu, 7 Dec 2006, Joshua Slive wrote:
On 12/7/06, Ara.T.Howard <[EMAIL PROTECTED]> wrote:
does this make sense? i'm sure that is based on a mis-understanding on my
part
about Order/Allow/Deny, but i'm sure what i'm trying to do should be
possible
solely from this .htaccess file.
thoughts
