httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: [users@httpd] Block IP
Date Wed, 04 Jun 2008 19:25:40 GMT

Mohit Anchlia wrote:
> Few questions:
> 1. We have a webserver and we use mod_jk to redirect request to a servlet to
> our App server. Given this situation where file on the web server doesn't
> get accessed how can I block the IP at web server. Only option that I know
> of is RewriteCond. Is that what's advisable.

Just a naïve question : if you are not using the webserver itself 
(presumably Apache), and just use it to redirect all requests (via 
mod_jk) to your App server (presumably Tomcat or a derivative), then why 
do you have the webserver at all ?  Why not eliminate the webserver and 
mod_jk, have your Appserver listen directly on port 80, and cut out the 
complication and overhead ?
You can block/allow IP's at the Tomcat level too.
See :

> 2. Another question I had was sometimes we don't get real physical IP of the
> machine but the IP of something that's in between like "router", is there a
> way to get the real IP so that we don't end up blocking people coming from
> that "router" or "proxy"

In my opinion, you cannot.  The whole point of such routers and proxies 
is to make the requests look like they are coming from the router/proxy, 
so that is the sender IP address you are seeing at your server level, 
and that's it.  Your server never receives the original requester IP 

> 3. Do I need to start the web server everytime new RewriteRule is added ?

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message