Q. I've proxy (mod_proxy) enabled for Apache under Debian Linux 4.0 server. I'd like to use this to improve performance, but I don't want an open proxy that can be used by anyone on the Internets? How do I secure my proxy as limiting access is essential as I'm using a forward proxy?
A. You can easily restrict proxy access to single domain, IP or subnet.
Forward proxy example
You can control who can access your proxy via the <Proxy> control block. Use configuration as follows to allow access from your-domain.com only:
<Proxy *> Order deny,allow Deny from all Allow from your-domain.com </Proxy>
OR allow access from 10.1.5 only
<Proxy *> Order deny,allow Deny from all Allow from 10.1.5 </Proxy>
Further readings:
- Apache Module mod_proxy documentation.
Featured articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- My 10 UNIX Command Line Mistakes
- Linux: 20 Iptables Examples For New SysAdmins
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- 10 Greatest Open Source Software Of 2009
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
I want to how to build new kenrel through complete process