Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
<VirtualHost *:443>
ServerName solr.example.org
DocumentRoot /var/www/html
<LocationMatch "^/(solr/core_[a-z]{2,4}/select)$">
Order allow,deny
Allow from 127.0.0.1
Satisfy any
AuthType Basic
AuthName Restricted
AuthBasicProvider file
AuthUserFile /etc/apache2/htpasswd
<LimitExcept OPTIONS>
Require valid-user
</LimitExcept>
# CORS Handling
SetEnvIf Origin "^(https?://localhost(:[0-9]+)?|https?://[^.]+\.example\.org)$" ORIGIN=$0
Header always set Access-Control-Allow-Origin %{ORIGIN}e env=ORIGIN
Header always set Access-Control-Allow-Credentials "true" env=ORIGIN
<If "%{REQUEST_METHOD} == 'OPTIONS'">
Header always set Access-Control-Allow-Methods "POST,GET,OPTIONS" env=ORIGIN
Header always set Access-Control-Allow-Headers "Authorization,X-Requested-With,Content-Length,Content-Type" env=ORIGIN
Header always set Access-Control-Max-Age "86400" env=ORIGIN
Redirect 204
</If>
ProxyPassMatch "http://127.0.0.1:8983/$1"
</LocationMatch>
# Everything not matching LocationMatch returns 403.
RedirectMatch 403 "^(?!/solr/core_[a-z]{2,4}/select).*"
</VirtualHost>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.