[off topic] Configuring an IP blind Apache server
Dan Mahoney, System Admin
danm at prime.gushi.org
Mon May 1 20:15:44 UTC 2006
On Mon, 1 May 2006, Jonathan D. Proulx wrote:
Bind your apache instances to an RFC 1918 address, internally.
Use your kernel's ip forwarding functionality, with freebsd this would be
done by a rule like "ipfw add 400 fwd 192.168.1.20,80 ip from any to
realip 80"
Alternatively, stick it behind thomas boutell's excellent rinetd -- either
approach will "nat" the request and rewrite the tcp connection without
revealing that it's being rewritten.
-Dan
> Hi,
>
> My appologies in advance this is clearly off topic, but couldn't think
> where else to ask...so please reply directly to me.
>
> I'd like a _reverse_ anonymizing proxy, something that blinds Apache
> to the incoming IP adresses in client HTTP requests. I run a
> webserver with a couple of virtual servers (in the apache sense not
> the Xen/VMWare sense) run by different people and I'd like to scrub
> the IP info from traffic before Apache gets it so that neither their
> vhost configs nor their CMS can log IPs even if they want to.
>
> It seesm like there should be a way to plub in privoxy or something,
> but I can quite think how. Any suggestions or pointers?
>
> Obviously running them as hidden services would fix this, but I don't
> want the services hidden per se.
>
> Thanks,
> -Jon
>
--
"SOY BOMB!"
-The Chest of the nameless streaker of the 1998 Grammy Awards' Bob Dylan
Performance.
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
More information about the tor-talk
mailing list