How can I let anyone proxy thru apache to zope, and yet restrict all other proxying activity? Background. We've set up zope to get proxied through apache (1.3.x) via ProxyPass as described in http://www.zope.org/Members/anser/apache_zserver. Our httpd.conf contains: <IfModule mod_proxy.c> ProxyVia On ProxyRequests On ProxyPass /zope/ http://localhost:8080/ ProxyPassReverse /zope/ http://localhost:8080/ <Directory proxy:*> Order deny,allow Deny from all Allow from .foo.com, .someisp.com # Allow from all </Directory> </IfModule> So we have https://foo.com/zope/ pointing to the zope server on foo.com: https --> apache (port 443) --> zope (port 8080) Initially, we had restricted access to zope only from our domain and some selected external ISPs (e.g. employees working from home). Unfortunately, I've been asked to change this to "Allow from all"; i.e. allow anyone to reach zope from outside via the apache proxy, because people need access to it while on the road, etc. This has the unforunate side effect of allowing _any_ proxying from outside; i.e. apache is now essentially an open relay. Proxying to zope is OK since zope is password protected, but we want to disallow any other proxying activity. I haven't been able to find good documentation on the <Directory proxy:*> directive. Many thanks in advance. -- Paul