Fail directive CERN 3.0 proxy

Fail directive CERN 3.0 proxy

Post by Bas Jansz » Fri, 15 Dec 1995 04:00:00



Hi--

I'm using the CERC 3.0 httpd as an outbound proxy for my company and I want to deny certain webservers.
I've tried  adding a  Fail http://www.server.com and a Fail http://www.server.com/* but that blocks al
outside access. What is the syntax for blocking specific www servers ?

--
Bas Janszen

http://www.xs4all.nl/~basj

 
 
 

Fail directive CERN 3.0 proxy

Post by ton » Sat, 16 Dec 1995 04:00:00




Bas> Hi--

Bas> I'm using the CERC 3.0 httpd as an outbound proxy for
Bas> my company and I want to deny certain webservers.  I've
Bas> tried adding a Fail http://www.server.com and a Fail
Bas> http://www.server.com/* but that blocks al outside
Bas> access. What is the syntax for blocking specific www
Bas> servers ?

"Fail" is for _local_ objects, not restricting accesses to
the server.  The last rule I have in my http CERN/W3C server
is

  Fail *

to make sure I don't accidentally let through things I've
forgotten to detail in other earlier rules.

What you want is to find the infamous IP-negation patch.
Then set up a Protection rule on your webspace (or the bit
you want to protect) and "Mask" off the hosts you want to
restrict.

tony

 
 
 

Fail directive CERN 3.0 proxy

Post by Operator ID 88-91/op » Sun, 17 Dec 1995 04:00:00



>Hi--

>I'm using the CERC 3.0 httpd as an outbound proxy for my company and I want to deny certain webservers.
>I've tried  adding a  Fail http://www.server.com and a Fail http://www.server.com/* but that blocks al
>outside access. What is the syntax for blocking specific www servers ?

Fail http://www.server.com/*

Pass http:*

The Fail must come before the Pass, or it will be ignored. You must
still have the Pass, so you can access other sites.

These are only my opinions, and I don't claim to know what I'm
talking about.

 
 
 

1. CERN httpd 3.0 proxy fails on secure form

We're running CERN httpd 3.0 as a firewall proxy here, and I have
a question about running secure forms through it.  A Netscape
v1.1N client tried to access a secure form through this proxy and
got the message:

  Invalid request "CONNECT www0.internet.net:443 HTTP/1.0" (unknown method)

My question: Is this a problem due to incorrect proxy setup of
CERN httpd, or is such an HTTP transaction beyond the proxy
capabilities of CERN httpd 3.0?

Thanks in advance.

--

2. 10 and 100Mbit Ethernet Interoperability ?

3. CERN 3.0 Proxy - Proxy

4. Tried loading PAO for Mobiles but...

5. CERN 3.0 cache config directives

6. Resources on UNIX Security management, esp.auditing

7. Emulating Fail CERN server directive in APACHE

8. Questions

9. Mapping CERN Exec directives to Apache ScriptAlias; CERN Redirect to RewriteRule

10. CERN 3.0, AIX 3.2.5, proxy and cache

11. CERN 3.0 proxy configuration ?

12. CERN 3.0 running as caching proxy?

13. CERN 3.0 proxy is workig, but...