from http://hints.macworld.com/article.php?story=20010117003458918
위의 내용을 참고해서 아래를 붙여넣어 테스트 결과 잘됨. (포트는 80으로 되더라는...)
(
<IfModule mod_proxy.c>
ProxyRequests On
<Directory proxy:*>
Order deny,allow
#Deny from all
Allow from all
#NOTE: Replace '.your_domain.com' with your IP number(s)!
</Directory>
#
# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block
#
ProxyVia On
</IfModule>
-----------------------------------------------------------------------------------------
아래는 전체 메시지이다.
A proxy server is nothing more than a server which sits between a client (such as a web browser) and a real server (such as a web host). It intercepts all requests sent by the client and decides if it can handle the request itself. If it cannot, it then passes the request on to the real server.
Why might you find this useful? There are two primary reasons. First, if you're a parent, you can use the proxy server to control which sites your kids can and cannot have access to. This may make you feel slightly more comfortable leaving them alone in front of the machine ... although any child with some level of net experience will be able to find ways to get what they wanted anyway.
Since the proxy will block sites that you specify, you can also use it to block ad servers such as www.doubleclick.net (and there goes any chance of ever having advertisers on this site ... want to get blacklisted ... just explain how to block ad servers! ;-)
The second usage is for caching web content locally. If you have a connection that's shared between multiple computers, you can use the proxy to store pages locally. That way, if you browse cnn.com and your spouse visits the site 30 seconds later from another machine, they will get a locally cached page which will be served very quickly.
Read the rest of this article if you'd like instructions on setting up Apache's proxy server.
The first step is to make sure your web server is stopped. You can do this through the System Preferences -> Network -> Services tab, or via the terminal. Since we're going to do the rest of this in a terminal session, you might as well start there. Open a terminal, and login as root ("su" and enter your password). Then type
apachectl stopThis will stop the webserver.
Once Apache is stopped, you'll want to make a backup copy of your configuration file, in case you make a mistake:
cd /Library/WebServer/ConfigurationNote that a backup file may already exist; you can use a new name if you'd like to keep everything intact.
cp apache.conf apache.bak
Pick your favorite editor, and edit the file named "apache.conf". I'm using vi, but emacs and pico will also work.
First we need to load and add the proxy module to the server. Find the section (it's around line 231 in my config):
#LoadModule digest_module /System/Library/Apache/Modules/mod_digest.soRemove the comment ("#") from the second line.
#LoadModule proxy_module /System/Library/Apache/Modules/libproxy.so
#LoadModule cern_meta_module /System/Library/Apache/Modules/mod_cern_meta.so
Now search for this section (it's around line 269 in my file):
#AddModule mod_digest.cAgain, remove the comment mark from the second line.
#AddModule mod_proxy.c
#AddModule mod_cern_meta.c
These two steps activated the proxy server module. Now we need to do some basic configuration. Search for the section that begins as follows (it's around line 937 in my file):
# Proxy Server directives. Uncomment the following lines toUncomment all the lines that are code (not comments). When you are done, it should look like this:
# enable the proxy server:
# Proxy Server directives. Uncomment the following lines toNotice two small things. First, Deny from all is left commented out -- otherwise, you wouldn't be able to browse the web at all! Second, you need to enter the IP numbers that you will allow to use the proxy server in the Allow from line. If you have more than one, enter them separated by a space.
# enable the proxy server:
#
<IfModule mod_proxy.c>
ProxyRequests On
<Directory proxy:*>
Order deny,allow
#Deny from all
Allow from .your_domain.com
#NOTE: Replace '.your_domain.com' with your IP number(s)!
</Directory>
#
# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
# Set to one of: Off | On | Full | Block
#
ProxyVia On
#
# To enable the cache as well, edit and uncomment the following lines:
# (no cacheing without CacheRoot)
#
CacheRoot "/Library/WebServer/ProxyCache"
CacheSize 5
CacheGcInterval 4
CacheMaxExpire 24
CacheLastModifiedFactor 0.1
CacheDefaultExpire 1
NoCache a_domain.com another_domain.edu joes.garage_sale.com
</IfModule>
# End of proxy directives.
That's it for basic configuration. The cache settings are all very tweakable, and I highly recommend reading this article on the apache.org website for full details on all the variables and what they mean.
If you want to use the proxy server to block sites, you need to add the ProxyBlock directive. This command can go basically anywhere in the apache.conf file, but I added it in the proxy section, so that it would be easy to find. The format is simple, as you can see in this example:
ProxyBlock playboy.com penthouse.com adserver.ugo.comAny sites listed will be blocked from browsing, and return errors when called from within pages, as you can see here:
Once you've added the sites you would like blocked (note that it's useful for debugging to include one at first, so you can verify the proxy server is working correctly), save your changes and then restart the webserver with:
apachectl startRemember to then disconnect from your root editing session!
The final step is to tell your browser that you want to use the proxy server to serve your web pages. In Explorer, go into Edit-Preferences and the Proxies tab, and check the Web Proxy box. Enter 127.0.0.1 as the server address. You should now be good to go; test it by trying to browse one of the sites you listed in the ProxyBlock statement. You should get a message like this:
Proxy Error
You don't have permission to access http://www.playboy.com/ on this server.
Although this is a long tutorial, setting up a proxy server is relatively trivial, and could save you some time and relieve some of your worries about what sites your kids are hitting in your absence.
Hint Options
Click here to return to the 'How and why to use the Apache proxy server' hint |
I tried this and now all I get are 403 Forbidden errors when I try to surf through the proxy server. The Apache log shows the following line:
127.0.0.1 - - [05/Jan/2002:23:14:47 -0500] "GET http://www.nytimes.com/ HTTP/1.0" 403 285I suppose the 127.0.0.1 localhost is the address of the requesting "machine," in this case, the proxy server. I don't know if that is correct -- the supposition or the setting. The part that I am merely curious about is the HTTP/1.0 part. I thought everything was up to HTTP 1.1. Ideas?
If it's of any consequence, I have DSL and a Linksys router with static addressing.
Can anyone lend me a hand?
I set up the proxy server on the machine that I work on, just to do it and see if it would work. I set the proxy server to the loopback address but I didn't <Allow> the loopback address in the proxy config file. Duh. Hope this helps anyone else trying this.
Out of 22K page views and top rank on Google for OS X Proxy and it gets 1 star?!
Problem is only four people voted and I suspect they have personal reasons not to like proxy servers (sorry kids).
I gave it top ranking. If you like it, thank the author.
--
John Faughnan
jfaughnan@spamcop.net
www.faughnan.com
'IT > computing' 카테고리의 다른 글
맥의 각종 젠더, 컨버터의 active passive 여부 for 모니터 연결 (0) | 2015.06.23 |
---|---|
dns flush in windows (0) | 2015.05.06 |
ddwrt 언어바꾼뒤 webUI 로그인 안될때 패스워드 및 설정 리셋 (0) | 2014.09.13 |
ddwrt dns 강제 설정 (0) | 2014.09.13 |
dos 의 무한루프? 혹은 윈도에서의 무한루프 (0) | 2012.08.30 |
A much easier way to block web sites that works with Linux and might work with OSX as well is to edit your /etc/hosts file and add lines like the following to it:
0.0.0.0 www.site-to-block.com
0.0.0.0 www.another-site-to-block.com
and so on.
changes to /etc/hosts take effect in subsequently-running applications; already running ones are unaffected, as the file is only read when apps are started.