Quick explanation:
- Home hobby server
- Some public services, some I'd like to restrict to internal only
- Since I discovered reverse proxies () I've been migrating everything behind subdomains of my domain, via Apache
- I then discovered that I could no longer simply use
Require localas before, since Apache always sees the public IP address of the client Require forward-dnsappears to be the solution I want, however it's not giving the expected result- I'm on a dynamic IP, but the results seem like they should be broadly correct. I just want to understand why this isn't working
Example .htaccess on the server (as an initial test):
Require forward-dns mydomain.biz
Example public IP test from within my home network:
$ host myip.opendns.com resolver1.opendns.com
... myip.opendns.com has address a.b.c.d ...
Lookup the domain name:
$ host mydomain.biz
mydomain.biz has address a.b.c.d
mydomain.biz mail is handled by 10 mydomain.biz
However, upon accessing the site from the local network:
[Thu Aug 09 12:59:35.478812 2018] [authz_core:error] [pid 18478:tid 139675020785408] [client a.b.c.d:45860] AH01630: client denied by server configuration: /var/www/blah/blah/
So even though authz_core receives the expected IP, its forward-dns server does not return that IP. So why is this? Am I doing something obviously wrong? Could the mail server be interfering with the result?
Hope someone can help. Thanks in advance!
