I have a reverse proxy that my site points to to help with DDoS protection. I have mod_rewrite set to use a specific header provided by the reverse proxy in order to pull the actual client IPs instead of the reverse proxy IP every time. This is because I want the log files to show the actual client IPs, and I want to restrict access to things like phpMyAdmin to only my home connection.
However, I am trying to use mod_rewrite to restrict access to my virtual hosts to only my reverse proxy so that every request to my site has to go through my revers proxy. Is there a way I can use the regular request IP (that would almost always be the reverse proxy) in only these mod_rewrite configurations instead of the one I am pulling from the custom header?
My mod_rewrite code for reference (ip-whitelist.txt) is a list of the reverse proxy's IPs.
RewriteEngine On
RewriteMap ipslist txt:ip-whitelist.txt
RewriteCond %{HTTP_X_FORWARDED_FOR} ^(.*)$
RewriteCond ${ipslist:%1|black} ^black$ [NC]
RewriteRule (.*) - [F]
