Skip to content
reverse proxy add forward module for Apache
C Makefile Shell
Branch: stable
Clone or download

Latest commit

gnif Merge pull request #45 from BenSjoberg/fix_ipv6
Fix IPv6 client IPs when the proxy uses KeepAlive
Latest commit 669c3d2 Dec 20, 2016

Files

Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
CHANGES Import of mod_rpaf 0.6 Jan 20, 2011
Makefile Honour DESTDIR environment variable during install Oct 17, 2011
README.md removed dependency to yada, closes #26 Oct 13, 2015
apxs.sh redirect which output to /dev/null Jan 27, 2011
mod_rpaf.c Merge pull request #45 from BenSjoberg/fix_ipv6 Dec 20, 2016
mod_rpaf.spec Add rpaf.conf. Nov 3, 2015
rpaf.conf Add rpaf.conf. Nov 3, 2015

README.md

mod_rpaf - reverse proxy add forward

Summary

Sets REMOTE_ADDR, HTTPS, and HTTP_PORT to the values provided by an upstream proxy. Sets remoteip-proxy-ip-list field in r->notes table to list of proxy intermediaries.

Compile Debian/Ubuntu Package and Install

sudo apt-get install build-essential apache2-threaded-dev
make
make install   

Compile and Install for RedHat/CentOS

yum install httpd-devel
make
make install

Configuration Directives

RPAF_Enable             (On|Off)                - Enable reverse proxy add forward

RPAF_ProxyIPs           127.0.0.1 10.0.0.0/24   - What IPs & bitmasked subnets to adjust
                                                  requests for

RPAF_Header             X-Forwarded-For         - The header to use for the real IP 
                                                  address.

RPAF_SetHostName        (On|Off)                - Update vhost name so ServerName &
                                                  ServerAlias work

RPAF_SetHTTPS           (On|Off)                - Set the HTTPS environment variable
                                                  to the header value contained in
                                                  X-HTTPS, or X-Forwarded-HTTPS. For
                                                  best results make sure that mod_ssl
                                                  is NOT enabled.

RPAF_SetPort            (On|Off)                - Set the server port to the header
                                                  value contained in X-Port, or
                                                  X-Forwarded-Port. (See Issue #12)

RPAF_ForbidIfNotProxy   (On|Off)                - Option to forbid request if not from
                                                  trusted RPAF_ProxyIPs; otherwise
                                                  cannot be done with Allow/Deny after
                                                  remote addr substitution

Example Configuration

LoadModule              rpaf_module modules/mod_rpaf.so
RPAF_Enable             On
RPAF_ProxyIPs           127.0.0.1 10.0.0.0/24
RPAF_SetHostName        On
RPAF_SetHTTPS           On
RPAF_SetPort            On
RPAF_ForbidIfNotProxy   Off

Authors

License and distribution

This software is licensed under the Apache License 2.0. The latest version is available from GitHub

You can’t perform that action at this time.