动态更新 Apache 配置“允许来自 IP”无需重新启动/重新加载?
我的目标是仅允许登录用户的 IP 访问 Apache 2.2 转发代理,同时拒绝所有其他 IP。
在代理虚拟主机中,我成功地包含了一个“允许来自”文件,每次用户登录或退出站点时,该文件都会动态重写(添加登录用户的 IP,同时删除注销用户的 IP) )。然而,这需要对 Apache 进行正常的重新启动/重新加载才能生效,并且我希望尽可能提高性能...因为当用户登录并传输到主页时,Apache 偶尔会出现在正确的位置。重新启动的中间并发出“忙”警告。
我想我可以将 Apache 的正常重启延迟一两秒,以减轻初始登录的压力,但如果有一种方法可以完全避免重新启动,我真的很高兴知道它。谢谢!
My goal is to allow access to an Apache 2.2 forwarding proxy to the IPs of logged-in users only, while denying all other IPs.
In the proxy virtual host, I've successfully included an "allow from" file that gets dynamically rewritten every time a user logs in or out of the site (adding the IP of logged-in users while deleting the IP of logged-out users). However, this requires a graceful restart/reload of Apache to take effect, and I'm looking to improve the performance if I can... because as the user logs in and is transported to the main page, occasionally Apache is right in the middle of the restart and issues a "busy" warning.
I suppose that I could delay the graceful restart of Apache by a second or two to ease the stress on the initial log-in, but if there is a way to avoid the restart altogether, I'd really appreciate knowing about it. Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
请不要这样做。这不是一个解决方案。
使用 Apache 的 mod_rewrite (RewriteModule) 中的 RewriteMap 指令实现基于动态文件的 IP 黑名单/白名单。
Please do not do this. This is not a solution.
Use RewriteMap directive from Apache's mod_rewrite (RewriteModule) to achieve a dynamic file based IP blacklisting/white listing.