Apache reverse proxy access control

apache-2.2 reverse-proxy

I have an Apache reverse proxy that is currently reverse proxying for a few sites.
However, I am now going to be adding a new site (let's call it newsite.com) that should only be accessible by certain IPs. Is this doable using Apache as a reverse proxy?

I use VirtualHosts for the sites that are being proxied. I have tried using the Allow/Deny directives in combination with the Location statements. For example:

<VirtualHost *:80>  
Servername newsite.com   
<Location http://newsite.com>
Order Deny,Allow
Deny from all
Allow from x.x.x.x
</Location>
<IfModule rewrite_module>
 RewriteRule ^/$ http://newsite.internal.com [proxy]
</IfModule>

I have also tried configuring allow/deny specifically for the site in the Proxy directives, for example:

<Proxy http://newsite.com/>
  Order deny,allow
  Deny from all
  Allow from x.x.x.x
</Proxy>

I still have this definition for the rest of the proxied sites however.

<Proxy *>
  Order deny,allow
  Allow from all
</Proxy>

No matter what I do, it seems to be accessible from anywhere. Is this because of the definition for all other proxied sites? Is there an order in which it applies Proxy directives? I have had the newsite one both before and after the * one, and also within the VirtualHost statement.

Best Answer

You are using ServerName and ServerAlias for matching newsite.com.

For a reverse proxy configuration, you should NOT use the directive:

<Proxy whatever>

You should use:

For Apache 2.2:

<Location />
Order Deny,Allow
Deny from all
Allow from x.x.x.x
</Location>

For Apache 2.4:

<Location />
   <RequireAny>
       Require ip x.x.x.x/255.255.255.0
       Require ...
   </RequireAny>
</Location>

After doing the Authz, you should simply do a ProxyPass and the ProxyPassReverse (for the 302, 301 redirects):

ProxyPass /  http://newsite.com/
ProxyPassReverse /  http://newsite.com/

Keep in mind that with this you need to add newsite.com to your /etc/hosts, or DNS should resolve the host in the URL. You may also use an IP address only, but you should instruct the httpd server to preserve the "Host:" header with:

ProxyPreserveHost On
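
The answer's pieces assembled into one virtual host that works on both 2.2 and 2.4, as an added example that is not part of the original question or answer. It assumes 192.0.2.0/24 as a placeholder for the allowed client range, the question's newsite.internal.com as the backend, and that mod_proxy, mod_proxy_http and mod_version are loaded:

```apache
# Added example, not from the original post.
# 192.0.2.0/24 is a placeholder: replace it with the real allowed range.
<VirtualHost *:80>
    ServerName newsite.com

    # Reverse proxy only: never act as a forward proxy.
    ProxyRequests Off

    # <Location> is matched against the URL path of the incoming request,
    # so "/" covers every request that reaches this vhost.
    <Location />
        <IfVersion < 2.4>
            # Apache 2.2: deny by default, then allow the listed range.
            Order Deny,Allow
            Deny from all
            Allow from 192.0.2.0/24
        </IfVersion>
        <IfVersion >= 2.4>
            # Apache 2.4: only the listed range is authorized.
            Require ip 192.0.2.0/24
        </IfVersion>
    </Location>

    # Forward permitted requests to the backend and rewrite its redirects.
    ProxyPass        / http://newsite.internal.com/
    ProxyPassReverse / http://newsite.internal.com/

    # Send the client's original Host: header (newsite.com) to the backend;
    # remove this line if the backend expects its own host name.
    ProxyPreserveHost On
</VirtualHost>
```

After `apachectl configtest` and a reload, a request from an address outside the allowed range should receive 403 Forbidden. Because the restriction lives inside this virtual host, the other proxied sites keep their own access rules.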