author | Colm MacCarthaigh <colm@apache.org> | 2005-10-29 12:07:01 +0200 |
---|---|---|
committer | Colm MacCarthaigh <colm@apache.org> | 2005-10-29 12:07:01 +0200 |
commit | 990d669370ceb76a4b36926b48df11b108d818b6 (patch) | |
tree | d407d1ca8e85249f44f417c3d8dace420a49c71a /docs | |
parent | Make the release date formats non-assbackwards and more readily readable. (diff) | |
download | apache2-990d669370ceb76a4b36926b48df11b108d818b6.tar.xz apache2-990d669370ceb76a4b36926b48df11b108d818b6.zip |
Document the mod_cache / mod_authz_host problem.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@329388 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'docs')
-rw-r--r-- | docs/manual/caching.xml | 25 |
-rw-r--r-- | docs/manual/mod/mod_cache.xml | 8 |
2 files changed, 33 insertions, 0 deletions
diff --git a/docs/manual/caching.xml b/docs/manual/caching.xml index 2ac84e8f92..f97d48b15e 100644 --- a/docs/manual/caching.xml +++ b/docs/manual/caching.xml @@ -319,6 +319,31 @@ Vary: negotiate,accept-language,accept-charset <title>Security Considerations</title> <section> + <title>Authorisation, Access & and Control</title> + + <p>Using <module>mod_cache</module> is very much like having a built + in reverse-proxy. Requests will be served by the caching module unless + it determines that the backend should be queried. When caching local + resources, this drastically changes the security model of Apache.</p> + + <p>As traversing a filesystem hierarchy to examine potential + <code>.htaccess</code> files would be a very expensive operation, + partially defeating the point of caching (to speed up requests), + <module>mod_cache</module> makes no decision about whether a cached + entity is authorised for serving. In other words; if + <module>mod_cache</module> has cached some content, it will be served + from the cache as long as that content has not expired.</p> + + <p>If, for example, your configuration permits access to a resource by IP + address you should ensure that this content is not cached. You can do this by + using the <directive module="mod_cache">CacheDisable</directive> + directive, or <module>mod_expires</module>. Left unchecked, + <module>mod_cache</module> - very much like a reverse proxy - would cache + the content when served and then serve it to any client, on any IP + address.</p> + </section> + + <section> <title>Local exploits</title> <p>As requests to end-users can be served from the cache, the cache diff --git a/docs/manual/mod/mod_cache.xml b/docs/manual/mod/mod_cache.xml index e1829e641d..8ac74c1d2d 100644 --- a/docs/manual/mod/mod_cache.xml +++ b/docs/manual/mod/mod_cache.xml 
@@ -29,6 +29,14 @@ <identifier>cache_module</identifier> <summary> + <note type="warning">This module should be used with care and + can be used to circumvent <directive + module="mod_authz_host">Allow</directive> and <directive + module="mod_authz_host">Deny</directive> directives. You + should not enable caching for any content to which you wish + to limit access by client host name, address or environment + variable.</note> + <p><module>mod_cache</module> implements an <a href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</a> compliant HTTP content cache that can be used to cache either local or proxied content. |
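Review bot: in the caching.xml hunk, the new section title `<title>Authorisation, Access & and Control</title>` contains a raw `&`, which is not well-formed XML and will break the manual build; the "& and" also reads as a doubled conjunction. Suggest `<title>Authorisation, Access and Control</title>` (or `&amp;` if the ampersand is intentional). Minor wording in the same hunk: "In other words; if" should use a comma or colon, and the dashed aside "- very much like a reverse proxy -" repeats the first paragraph's "like having a built in reverse-proxy" and could be dropped.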
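Review bot: in the mod_cache.xml hunk, the warning is narrower than the behaviour the caching.xml hunk documents. That text says mod_cache "makes no decision about whether a cached entity is authorised for serving", so any per-request access control is bypassed once content is cached, not only the mod_authz_host `Allow` and `Deny` directives named here. Suggest widening the note to say that no access checks are applied to cached content, and linking to the new "Security Considerations" section in caching.xml so readers find the `CacheDisable` / mod_expires mitigation described there. The phrase "should be used with care and can be used to circumvent" is also awkward; "can circumvent" reads more directly.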