Apache as Proxy question

Chuck Bearden cbearden at sparc.hpl.lib.tx.us
Wed Jan 21 18:30:08 EST 1998 

On Wed, 21 Jan 1998, Shaken Angel wrote:

> 
> Hey all,
> 
> I'm involved with setting up an Apache server on a Linux box as a proxy
> web server for a local school.  However, this being a *school*, meaning a
> high school setup, the folks in charge don't want kids going to any of the
> Internet's plethora of goat porn sites.  I see in the documentation for
> Apache's proxy module that there's a ProxyBlock directive for blocking out
> sites, but I don't see the logical "ProxyAllow" directive for *allowing*
> sites.  See, what I/the school want to do is *block* every site on the
> Internet *except* for a few, like library databases and the like, and I
> don't especially relish the thought of having a ProxyBlock directive with
> a billion-million URLs in it.  I'm not CyberSitter.
> 
> Is there any way to do this with Apache's Proxy module?  Any help would be
> greatly appreciated!  Thankee.
> 
> -- john f., miami u library systems

I'm not that experienced with the proxy settings for Netscape, but here's
one option I know will work as long as your users all run Netscape (and
not MSIE). 

Netscape solution:
    a.  Set up browsers to load a proxy auto-configuration file from a 
        server of your choice;
    b.  Make the auto-config file read something like this:

function FindProxyForURL (url, host) 
{
  if (shExpMatch(host, "*.highschool.fl.us"))
    return "DIRECT";
  else    
    return "PROXY blockem.highschool.fl.us:8080";
}

    c.  Enable proxying in Apache, making it listen on port 8080, but 
        use the "ProxyBlock *" directive.

Any hostnames that match the expressions you give in the shExpMatch
condition will be contacted directly by the workstation; any that don't
match will be directed to the proxy "blockem", which denies all requests. 
You can list more hosts or host patterns in the shExpmatch condition. 

Netscape has some instructions on writing the autoconfig files at:

http://search.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html

Another possibility: will the "ProxyBlock *" also block requests for URLs 
mapped in to the server's space with the ProxyPass directive?

Chuck
-------------------------------------------------------------
Chuck Bearden			email: cbearden at hpl.lib.tx.us
Network Services Librarian
Automation Department		voice: 713/247-2264
Houston Public Library		fax:   713/247-1182
500 McKinney Ave.
Houston, TX  77002		
-------------------------------------------------------------
      -=>HPL's Homepage: http://www.hpl.lib.tx.us<=-

More information about the Web4lib mailing list