The Apache Directory directive allows you to limit access to particular routes, ports, etc. for virtual hosts. However when we are proxying requests, directory path permissions are irrelevant. To limit access to proxied requests, we will use the Proxy directive:
# Apache/2.2 <VirtualHost *:80> <Proxy *> Order Deny,Allow Deny from all Allow from 18.104.22.168 Allow from 10.10. </Proxy> ServerName example.com ProxyPreserveHost On ProxyPass / http://localhost:8011/ ProxyPassReverse / http://localhost:8011/ </VirtualHost>
This will limit access just as we would expect (with the Directory directive), returning a Forbidden response. This is especially useful for securing internal traffic, health checks, or testing.
The mod_proxy and mod_proxy_http modules are required.