From f229189dce5a06fed49a2a19bc6a3683c7538c87 Mon Sep 17 00:00:00 2001
From: Rich Bowen <rbowen@apache.org>
Date: Tue, 5 Jun 2012 15:00:02 +0000
Subject: [PATCH] Adds a security remark regarding proxied content and the host
 address, and reference to mod_remoteip, as per comment added by Allard Hoeve
 to doc.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1346405 13f79535-47bb-0310-9956-ffa450edef68
---
 docs/manual/mod/mod_authz_host.xml | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/docs/manual/mod/mod_authz_host.xml b/docs/manual/mod/mod_authz_host.xml
index 30bef02669..1e16661ac3 100644
--- a/docs/manual/mod/mod_authz_host.xml
+++ b/docs/manual/mod/mod_authz_host.xml
@@ -167,6 +167,18 @@ Require host .net example.edu
     <highlight language="config">
     Require local
     </highlight>
+
+</section>
+
+<section id="proxy"><title>Security Note</title>
+
+    <p>If you are proxying content to your server, you need to be aware
+    that the client address will be the address of your proxy server,
+    not the address of the client, and so using the <code>Require</code>
+    directive in this context may not do what you mean. See
+    <module>mod_remoteip</module> for one possible solution to this
+    problem.</p>
+
 </section>
 
 </section>
-- 
2.49.0