httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joice Joseph <joice.jos...@mindcurv.com>
Subject Re: [users@httpd] Implement request white list in Apache
Date Fri, 08 Jul 2016 13:37:21 GMT
Thanks Rich Bowen and Marat Khalili for the quick and usable reply .

On Fri, Jul 8, 2016 at 2:53 PM, Rich Bowen <rbowen@rcbowen.com> wrote:

> Well, yes, you could do it with mod_rewrite. You could also presumably use
> a proxypassmatch as part of your tomcat setup if the whitelist is simple
> enough to express it as one regex. I expect, though, that mod_security will
> give you the biggest ! for your $ in a nontrivial scenario.
> On Jul 8, 2016 08:28, "Marat Khalili" <mkh@rqc.ru> wrote:
>
>> You can do this with mod_rewrite:
>>
>>     RewriteCond %{REQUEST_URI} !^allowed_url_1$
>>     RewriteCond %{REQUEST_URI} !^allowed_url_2$
>>     ...
>>     RewriteCond %{REQUEST_URI} !^allowed_url_N$
>>     RewriteRule .* - [F,L]
>>
>>
>> --
>>
>> With Best Regards,
>> Marat Khalili
>>
>>
>> On 08/07/16 13:53, Joice Joseph wrote:
>>
>> Hi All,
>>
>> Can someone help me to make the Apache in such a way that It will block
>> all the request filter by default and process only those specified requests
>> to tomcat server.
>>
>> --
>> ​​
>> ​Cheers​
>>
>>
>> *Joice Joseph *
>>
>>
>>


-- 
*Regards,*

*Joice Joseph*
*Linux System Administrator*









*Mindcurv TSPLTransAsia Corporate Park,VI Floor, XIV/396-C,Seaport Airport
Road,Kakkanad, Cochin - 682037   M: +91 8113988866www.mindcurv.com
<http://www.mindcurv.com/>*
*Mindcurv** - Award winning partner, 2013 Oracle Commerce Innovation
for **www.vers247.nl
<http://www.vers247.nl/>*
*CONFIDENTIALITY NOTICE: This e-mail and any attachments hereto are
intended only for use by the addressee(s) named herein and may contain*
*legally privileged and/or confidential information. If you are not the
intended recipient of this e-mail, you are hereby notified that
anydissemination, distribution or copying of this e-mail, and any
attachments thereto, is strictly prohibited. If you have received
thise-mail in error, please notify the sender by replying to this message
and permanently delete the original and any copy of this e-mail andany
printout thereof.*

Mime
View raw message