The * sign after the PROXY command indicates the destination address accessed by the client using the proxy server. In the preceding two examples, "*" indicates all addresses, that is, the proxy server is prohibited from accessing all addresses. If you want to prohibit only some addresses, refer to the following example:
Order deny, allow
Deny from all
Allow from 127.0.0.1
Order allow, deny
Allow from all
Deny from 127.0.0.1
The example above indicates that only local computers are allowed to access
Http://www.google.com/
And disable Local Computer
Http://www.yahoo.co.jp/r/
. Because Apache's PROXY Command currently does not support multiple target addresses, that is, it cannot be written in the Form. Therefore, if you want to restrict multiple target addresses, multiple proxy commands must be used.
If you want to restrict all users (not just some users) from accessing certain addresses, you can use the proxyblock command:
Proxyblock Microsoft co.jp www.google.com
The preceding command blocks three target addresses: including Microsoft addresses, co.jp addresses, and www.google.com addresses. However, you will find that,
Http://www.google.com/
And
Http://www.google.co.kr/
(Google South Korea site) will not be accessible, and
Http://www.google.co.kr/
And
The above blocking rules are not met. This is because, when Apache is started, it will resolve the domain name string in the blocked address that looks like a host name or domain name. If the resolution is successful, the corresponding target will be blocked.
IP address. Www. Google. co. kr and www.google.com have the same IP address, so www. Google. co. kr is blocked at the same time. Another
Apache tries to resolve the domain name, so when you use proxyblock, Apache will start longer.
In addition, if you write proxyblock *, you cannot access any address through the proxy server.
Finally, we will introduce the second-level proxy. Apache can be used as a secondary proxy, that is, Apache, which is already a proxy server, can connect to the Internet through other proxy servers. Add the following commands:
Proxyremote * http: // 12.34.56.78: 8080
Apache can use 12.34.56.78: 8080 as the proxy server. The first parameter after the proxyremote command indicates the protocol name or target address, for example:
Proxyremote FTP http: // 12.34.56.78: 8080 # use a second-level proxy for all FTP requests
Proxyremote http://www.google.com/http: // 12.34.56.78: 8080 # use a secondary agent when accessing www.google.com
How to configure proxy server in Apache (2)