httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Maiorana <>
Subject [users@httpd] Configuring httpd forward proxy to restrict destinations by subnet
Date Thu, 05 Apr 2018 18:24:58 GMT
I have an Apache httpd v2.2 server (on Centos 6) set up as a forward proxy
to get to a DMZ in a test lab environment. It is working, but I would like
to restrict destinations to specific subnets, both IPv4 and IPv6. I've
searched for a solution and have not been able to find and answer.

Here is the virtualhost segment of my httpd.conf file:

  ProxyRequests On
  ProxyVia On
  ProxyBlock ""
  <Proxy *>
    Order deny,allow
    Allow from
    Deny from all
  ErrorLog "/var/log/httpd/proxy-error.log"
  CustomLog "/var/log/httpd/proxy-access.log" common

The above config allows incoming connections from the subnet.
It does not allow connections specifically to through the
proxy. Instead of blocking that single address, I would like to specify a
set of subnets that are allowed, and everything else be denied. For
example, allow:


But block everything else from passing through the proxy. I understand that
this would block any url that used a hostname instead of an IP address.

Thanks in advance for any help you can provide.
Mike M.

View raw message