Proxy Context

Table of Contents

Proxy Context

URI | Web Server | Header Operations | Realm | Authentication Name | Require (Authorized Users/Groups) | Access Allowed | Access Denied | Authorizer | Add Default Charset | Customized Default Charset | Enable GeoLocation Lookup

Proxy Context

Description

A Proxy Context enables this virtual host as a transparent reverse proxy server. This proxy server can run in front of any web servers or application servers that support HTTP protocol. The External web server that this virtual host proxies for has to be defined in External Apps before you can set up a Proxy Context.

URI

Description

Specifies the URI for this context.

Syntax

The URI can be a plain URI (starting with "/") or a Perl compatible regular expression URI (starting with "exp:"). If a plain URI ends with a "/", then this context will include all sub-URIs under this URI. If the context maps to a directory on the file system, a trailing "/" must be added.

See Also

Location

Web Server

Description

Specifies the name of the external web server. This external web server must be defined in the External Apps section at the server or virtual host level.

Syntax

Select from drop down list

Header Operations

Description

Specifies additional response/request headers to be added. Multiple header directives can be added with one directive per line. "NONE" can be used to disable parent header inheritance. If no directive is provided 'Header' is assumed.

Syntax

[Header]|RequestHeader [condition] set|append|merge|add|unset header [value] [early|env=[!]variable]

Example

set Cache-control no-cache
append Cache-control no-store
Header set My-header cust_header_val
RequestHeader set My-req-header cust_req_header_val

Tips

Syntax and usage are similar to Apache's mod_headers directives for supported operations.

The 'Header' directive is is optional and can be excluded or left in when copying rules from elsewhere without issue.

Realm

Description

Specifies the authorization realm for this context. When specified, a valid username and password must be provided in order to access this context. Authorization Realms are set up in the Virtual Host Security section. This setting uses each realm's Realm Name.

Syntax

Select from drop down list

Authentication Name

Description

Specifies an alternative name for the authorization realm for the current context. If not specified, the original realm name will be used. The authentication name is displayed on the browser's login pop-up.

Require (Authorized Users/Groups)

Description

Specifies which user/group can access this context. This allows you to use one user/group database (specified in Realm) across a number of contexts, but only allow certain users/groups from that database to access this context.

Syntax

Syntax is compatible with Apache's Require directive. For example:

  • user username [username ...]
    Only listed users can access this context.
  • group groupid [groupid ...]
    Only users belonging to the listed groups can access this context.
If this setting is not specified, all valid users will be allowed to access this resource.

Access Allowed

Description

Specifies which IPs or sub-networks are allowed to access resources under this context. Together with Access Denied and server/virtual host level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

Syntax

Comma-delimited list of IPs/sub-networks.

Example

Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

Access Denied

Description

Specifies which IPs or sub-networks are NOT allowed to access resources under this context. Together with Access Allowed and server/virtual host-level access control, accessibility is determined by the smallest scope that a client's IP address falls into.

Syntax

Comma-delimited list of IPs/sub-networks.

Example

Sub-networks can be written as 192.168.1.0/255.255.255.0, 192.168.1, or 192.168.1.*.

Authorizer

Description

Specifies an external application that can be used to generate authorized/unauthorized decisions. Currently, only the FastCGI Authorizer is available. For more details about the FastCGI Authorizer role, please visit https://fastcgi-archives.github.io/ .

Syntax

Select from drop down list

Add Default Charset

Description

Specifies whether to add a character set tag to the "Content-Type" response header, when content type is either "text/html" or "text/plain" without any parameters. When set to Off, this function is disabled. When set to On, either the character set specified by Customized Default Charset or the default "iso-8859-1" will be added.

Syntax

Select from radio box

Customized Default Charset

Description

Specifies a character set to be used when Add Default Charset is On. This is optional. The default value is iso-8859-1. This entry has no effect when Add Default Charset is Off.

Syntax

Name of a character set.

Example

utf-8

Enable GeoLocation Lookup

Description

Specifies whether to enable/disable IP Geolocation lookup. Can be set at server, virtual host, or context level. IP Geolocation is disabled by default when using value "Not Set".

Syntax

Select from radio box

See Also

Use Client IP in Header, DB File Path,