mod_rpaf 0.4 review
Downloadmod_rpaf is a reverse proxy add forward module for Apache. rpaf is for backend Apache servers what mod_proxy_add_forward is for fr
|
|
mod_rpaf is a reverse proxy add forward module for Apache.
rpaf is for backend Apache servers what mod_proxy_add_forward is for frontend Apache servers. It does excactly the opposite of mod_proxy_add_forward written by Ask Bj?rn Hansen. It will also work with mod_proxy in Apache starting with release 1.3.25 and mod_proxy that is distributed with Apache2 from version 2.0.36.
It changes the remote address of the client visible to other Apache modules when two conditions are satisfied. First condition is that the remote client is actually a proxy that is defined in httpd.conf. Secondly if there is an incoming X-Forwarded-For header and the proxy is in it's list of known proxies it takes the last IP from the incoming X-Forwarded-For header and changes the remote address of the client in the request structure. It also takes the incoming X-Host header and updates the virtualhost settings accordingly. For Apache2 mod_proxy it takes the X-Forwared-Host header and updates the virtualhosts
If you use mod_rpaf on the backend server you have no need to use mod_perl to set the remote_ip of the real client you are serving and you don't need to invent a lot of internal hostnames for the backend server. It simply just works with the same hostnames as the frontend server is using when using the RPAFsethostname option.
Module configuration is pretty simple, there are only two directives to set; RPAFenable and RPAFproxy_ips. With the later you can define which IP's are your frontend proxies that sends the correct X-Forwarded-For headers. If you do not use the RPAFproxy_ips directive then the module will not change the remote address of the incoming connection at any time. RPAFsethostname will, when enabled, take the incoming X-Host header and update the virtualhost settings accordingly.
# if DSO load module first:
LoadModule rpaf_module libexec/apache2/mod_rpaf-2.0.so
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 127.0.0.1 10.0.0.1
mod_rpaf 0.4 search tags