From: Rich Bowen <rbowen@apache.org>
Date: Tue, 5 Jun 2012 15:00:02 +0000 (+0000)
Subject: Adds a security remark regarding proxied content and the host address,
X-Git-Tag: 2.5.0-alpha~6757
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f229189dce5a06fed49a2a19bc6a3683c7538c87;p=thirdparty%2Fapache%2Fhttpd.git

Adds a security remark regarding proxied content and the host address,
and reference to mod_remoteip, as per comment added by Allard Hoeve to
doc.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1346405 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/mod/mod_authz_host.xml b/docs/manual/mod/mod_authz_host.xml
index 30bef026697..1e16661ac35 100644
--- a/docs/manual/mod/mod_authz_host.xml
+++ b/docs/manual/mod/mod_authz_host.xml
@@ -167,6 +167,18 @@ Require host .net example.edu
     <highlight language="config">
     Require local
     </highlight>
+
+</section>
+
+<section id="proxy"><title>Security Note</title>
+
+    <p>If you are proxying content to your server, you need to be aware
+    that the client address will be the address of your proxy server,
+    not the address of the client, and so using the <code>Require</code>
+    directive in this context may not do what you mean. See
+    <module>mod_remoteip</module> for one possible solution to this
+    problem.</p>
+
 </section>
 
 </section>