From: Jim Jagielski Date: Mon, 26 Dec 2016 21:35:36 +0000 (+0000) Subject: and xforms X-Git-Tag: 2.5.0-alpha~863 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e405186e369630d151013f4462fff9d376a85e9f;p=apache and xforms git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1776075 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/mod/mod_proxy_protocol.html b/docs/manual/mod/mod_proxy_protocol.html new file mode 100644 index 0000000000..88388fe8f2 --- /dev/null +++ b/docs/manual/mod/mod_proxy_protocol.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: mod_proxy_protocol.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/docs/manual/mod/mod_proxy_protocol.html.en b/docs/manual/mod/mod_proxy_protocol.html.en new file mode 100644 index 0000000000..09ee146fc8 --- /dev/null +++ b/docs/manual/mod/mod_proxy_protocol.html.en @@ -0,0 +1,123 @@ + + + + + +mod_proxy_protocol - Apache HTTP Server Version 2.5 + + + + + + + +
+

Modules | Directives | FAQ | Glossary | Sitemap

+

Apache HTTP Server Version 2.5

+
+
<-
+
+Apache > HTTP Server > Documentation > Version 2.5 > Modules
+
+

Apache Module mod_proxy_protocol

+
+

Available Languages:  en 

+
+ + + +
Description:Implements the server side of the proxy protocol.
Status:Extension
Module Identifier:proxy_protocol_module
Source File:mod_proxy_protocol.c
+

Summary

+ +

mod_proxy_protocol implements the server side of + HAProxy's + Proxy Protocol.

+ +

The module overrides the client IP address for the connection + with the information supplied by the upstream proxy in the proxy + protocol (connection) header.

+ +

This overridden useragent IP address is then used for the + mod_authz_host + Require ip + feature, is reported by mod_status, and is recorded by + mod_log_config %a and core + %a format strings. The underlying client IP of the connection + is available in the %{c}a format string.

+ +
It is critical to only enable this behavior from + intermediate proxies which are trusted by this server, since it is trivial + for the remote client to impersonate another client. Currently this must + be done by external means (such as a firewall) as this module does not + (yet) implement access controls.
+
+ + +
top
+

ProxyProtocolFilter Directive

+ + + + + + +
Description:Enable or disable the proxy protocol handling
Syntax:ProxyProtocolFilter On|Off
Context:server config, virtual host
Status:Extension
Module:mod_proxy_protocol
+

The ProxyProtocolFilter enables or disables the + reading and handling of the proxy protocol connection header. If enabled + the upstream client must send the header every time it opens a + connection or the connection will get aborted.

+ +

While this directive may be specified in any virtual host, it is + important to understand that because the proxy protocol is connection + based and protocol agnostic, the enabling and disabling is actually based + on ip-address and port. This means that if you have multiple name-based + virtual hosts for the same host and port, and you enable it any one of + them, then it is enabled for all them (with that host and port). It also + means that if you attempt to enable the proxy protocol in one and disable + in the other, that won't work; in such a case the last one wins and a + notice will be logged indicating which setting was being overridden.

+ + 
ProxyProtocolFilter On
+ + +
+
+
+

Available Languages:  en 

+
top

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
+
+ \ No newline at end of file