Recently to begin the process of alpha testing our application jointly with our customers we wanted to add an additional layer of security and block/allow various IP ranges. Having done most of our configuration in Apache, we saw no reason not to do so with mod_authz_host.

And so we set a couple of allows with:

Allow from address

And everything worked wonderfully on our end. Until the customer tried to access the site and complained about latency beyond our wildest imagination… a minute to load the homepage?! It looked so zippy to us….

In any case, many hours later my teammate realized that it was apache’s access control processing causing the delay! We switched to using iptables and everything is back to normal… strange eh?