httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From John List <johnl...@gulfbridge.net>
Subject Re: [users@httpd] Restrict Access to a set of IP in a specific URL
Date Sun, 19 Jan 2014 02:59:01 GMT
On 01/18/2014 06:45 PM, Jeff Dyke wrote:
> Remember that IPs are easily spoofed.

(IP addresses can be spoofed, but that's not a security problem in a web 
context since any response from the web server will be directed to the 
spoofed IP address, not the one that spoofed it.)

> but we all do it, and the access restrictions are so much cleaner, as 
> well as other things in apache2.4, so if you can i'd upgrade.  You're 
> obviously building these as VHosts, so they can go int the virutual 
> host container, but you want this page: 
> http://httpd.apache.org/docs/2.2/howto/access.html and 
> http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow
>
> In Apache 2.2
>
> Order allow, deny
> Allow from 172.168.10
>
> Each vhost can do this in a separate <Directory /myapp/my-test1/demo/> 
> block but does not seem useful . I would keep this out of Tomcat, but 
> thats just me.
>
> Again, if you have the ability upgrade to 2.4, disable 
> mod_compatibility and use the require all syntax, it will take more 
> work, but apache has come a long way sing 2.2.
>
>
>
> On Sat, Jan 18, 2014 at 2:46 PM, Dev Raj 
> <devaraj.takhellambam@gmail.com 
> <mailto:devaraj.takhellambam@gmail.com>> wrote:
>
>     Hi,
>
>     I have Apache 2.2 installed on my Unix Server and have a couple of
>     Application servers running each of them having similar Document
>     Root.
>
>     For example,
>     The URLS will look like below
>
>     https://my-test1.com/demo/index.html
>     https://my-prod1.com/demo/index.html
>     https://my-qa1.com/demo/index.html
>
>     The directory(Tomcat) folder looks like
>     /myapp/my-test1/demo/index.html
>     /myapp/my-prod1/demo/index.html
>     /myapp/my-qa1/demo/index.html
>
>
>     I would like to restrict access to the above prod1 URL for a
>     specific set of IP's. How can I achieve this. Please tell.
>
>     -- 
>     Regards,
>     Devaraj
>
>


Mime
View raw message