head	1.2;
access;
symbols
	RELEASE_7_3_0:1.1
	RELEASE_8_0_0:1.1
	RELEASE_7_2_0:1.1
	RELEASE_7_1_0:1.1
	RELEASE_6_4_0:1.1
	RELEASE_5_EOL:1.1
	RELEASE_7_0_0:1.1
	RELEASE_6_3_0:1.1
	PRE_XORG_7:1.1
	RELEASE_4_EOL:1.1
	RELEASE_6_2_0:1.1
	RELEASE_6_1_0:1.1
	RELEASE_5_5_0:1.1
	RELEASE_6_0_0:1.1
	RELEASE_5_4_0:1.1
	RELEASE_4_11_0:1.1
	RELEASE_5_3_0:1.1
	RELEASE_4_10_0:1.1;
locks; strict;
comment	@# @;


1.2
date	2010.05.12.22.46.35;	author pgollucci;	state dead;
branches;
next	1.1;

1.1
date	2004.01.05.12.34.45;	author clement;	state Exp;
branches;
next	;


desc
@@


1.2
log
@www/mod_extract_forwarded2||2010-05-12|Use www/mod_extract_forwarded instead

Wit hat:    apache@@
@
text
@mod_extract_forwarded2 hooks itself into Apache's header parsing phase and looks
for the X-Forwarded-For header which some (most?) proxies add to the proxied
HTTP requests. It extracts the IP from the X-Forwarded-For and modifies the
connection data so to the rest of Apache the request looks like it came from
that IP rather than the proxy IP.

mod_extract_forwarded can be dangerous for host based access control because
X-Forwarded-For is easily spoofed. Because of this you can configure which
proxies you trust or don't trust.

WWW: http://www.cotds.org/mod_extract_forwarded2/
@


1.1
log
@Add mod_extract_forwarded2 0.1,
an Apache module that can make proxied requests appear with client IP.

PR:             59094
Approved by:    erwin (mentor)
@
text
@@

