I am attempting to use LetsEncrypt with my home-rolled FreePBX instance so I can use TLS transport. In order for LetsEncrypt to work with FreePBX, I need to allow access to a list of hostnames to port 80 on my FreePBX instance. But I don't want to give the world access to my FreePBX admin interface.
The FreePBX server is behind my NATed router so I was hoping to use ProxyPass to forward the traffic using my existing Apache instance.
I would like to add a config like this:
Code:
<VirtualHost *:80>
ServerName freepbx.mydomain.org
Require forward-dns outbound1.letsencrypt.org outbound2.letsencrypt.org mirror1.freepbx.org mirror2.freepbx.org
ProxyPass / http://192.168.168.183
ProxyPassReverse / http://192.168.168.183
</VirtualHost>
I've got other proxys set up on my server, so I have some idea how to set them up. But any time I try to add a Require or Allow directive it says
Code:
Jun 12 09:59:13 myserver apache2[1718]: <RequireAll not allowed here
or
Code:
Jun 12 09:38:12 myserver apache2[26767]: order not allowed here
The documentation states:
Code:
The directive can be referenced within a <Directory>, <Files>,
or <Location> section as well as .htaccess files to control access
to particular parts of the server.
So, clearly this isn't an option for a VirtualHost section. I'm not finding any other information restricting access to a VirtualHost.
I am hoping someone has an idea on how to set this up.