Skip to content

Instantly share code, notes, and snippets.

What would you like to do?
<VirtualHost *:443>
DocumentRoot /var/www/html
<LocationMatch "^/(solr/core_[a-z]{2,4}/select)$">
Order allow,deny
Allow from
Satisfy any
AuthType Basic
AuthName Restricted
AuthBasicProvider file
AuthUserFile /etc/apache2/htpasswd
<LimitExcept OPTIONS>
Require valid-user
# CORS Handling
SetEnvIf Origin "^(https?://localhost(:[0-9]+)?|https?://[^.]+\.example\.org)$" ORIGIN=$0
Header always set Access-Control-Allow-Origin %{ORIGIN}e env=ORIGIN
Header always set Access-Control-Allow-Credentials "true" env=ORIGIN
Header always set Access-Control-Allow-Methods "POST,GET,OPTIONS" env=ORIGIN
Header always set Access-Control-Allow-Headers "Authorization,X-Requested-With,Content-Length,Content-Type" env=ORIGIN
Header always set Access-Control-Max-Age "86400" env=ORIGIN
Redirect 204
ProxyPassMatch "$1"
# Everything not matching LocationMatch returns 403.
RedirectMatch 403 "^(?!/solr/core_[a-z]{2,4}/select).*"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.