Reputation: 36
SetEnvIf Remote_Addr "x.x.x.x" doesn't work - Apache and DirecAdmin
I have a problem with DirectAdmin and firewall. The following statement doesn't work:
SetEnvIf Remote_Addr "x.x.x.x" TRUST=yes
Apache doesn't respond to above instruction.
The instruction is part of the following whole:
Alias /.well-known "/var/www/html/.well-known"
RewriteEngine On
RewriteCond %{REQUEST_URI} !^/.well-known/(.*)
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
ProxyPass /.well-known !
SetEnvIf Remote_Addr "111.222.33.123" TRUST=yes
SetEnvIf Remote_Addr "111.222.33.223" TRUST=yes
SetEnvIf Remote_Addr "111.222.33.114" TRUST=yes
SetEnvIf Remote_Addr "111.222.33.223" TRUST=yes
SetEnvIf Remote_Addr "111.222.33.115" TRUST=yes
SetEnvIf Remote_Addr "111.222.33.234" TRUST=yes
SetEnvIf Remote_Addr "127.0.0.1" TRUST=yes
ProxyPass "/" "http://localhost:3001/"
ProxyPassReverse "/" "http://localhost:3001/"
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
Apache doesn't respond to SetEnvIf Remote_Addr "x.x.x.x" TRUST=yes.
Where is the problem?
Upvotes: 1
Views: 6691
Answers (1)
Reputation: 45829
If you are behind a firewall/proxy then Remote_Addr is likely going to be the IP address of the firewall, not of the client making the connection.
Try checking the X-Forwarded-For HTTP request header instead for the client's IP address, but note that this can potentially contain multiple (comma separated) IP addresses (the client IP address being the first). For example:
SetEnvIf X-Forwarded-For "^111\.222\.33\.123\b" TRUST=yes
If X-Forwarded-For is not set then check for other similar headers in the HTTP request.
Upvotes: 1