Return-Path: 
 <user-return-10069-apmail-couchdb-user-archive=couchdb.apache.org@couchdb.apache.org>
Delivered-To: apmail-couchdb-user-archive@www.apache.org
Received: (qmail 74370 invoked from network); 15 Apr 2010 22:58:37 -0000
Received: from unknown (HELO mail.apache.org) (140.211.11.3)
  by 140.211.11.9 with SMTP; 15 Apr 2010 22:58:37 -0000
Received: (qmail 17342 invoked by uid 500); 15 Apr 2010 22:58:36 -0000
Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org
Received: (qmail 17302 invoked by uid 500); 15 Apr 2010 22:58:36 -0000
Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@couchdb.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@couchdb.apache.org>
List-Post: <mailto:user@couchdb.apache.org>
List-Id: <user.couchdb.apache.org>
Reply-To: user@couchdb.apache.org
Delivered-To: mailing list user@couchdb.apache.org
Received: (qmail 17294 invoked by uid 99); 15 Apr 2010 22:58:36 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 15 Apr 2010 22:58:36 +0000
X-ASF-Spam-Status: No, hits=0.7 required=10.0
	tests=RCVD_IN_DNSWL_NONE,SPF_NEUTRAL
X-Spam-Check-By: apache.org
Received-SPF: neutral (athena.apache.org: local policy)
Received: from [82.216.111.41] (HELO smtp5.tech.numericable.fr)
 (82.216.111.41)
    by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 15 Apr 2010 22:58:28 +0000
Received: from gouda.local (abo-42-131-68.bdx.modulonet.fr [85.68.131.42])
	by smtp5.tech.numericable.fr (Postfix) with ESMTP id 386E8124017
	for <user@couchdb.apache.org>; Fri, 16 Apr 2010 00:58:06 +0200 (CEST)
Message-ID: <4BC79A03.90305@alexandreleray.com>
Date: Fri, 16 Apr 2010 00:58:11 +0200
From: Alexandre Leray <newsletters@alexandreleray.com>
User-Agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X 10.4; fr-FR;
 rv:1.9.1.9) Gecko/20100317 Lightning/1.0b1 Thunderbird/3.0.4
MIME-Version: 1.0
To: user@couchdb.apache.org
Subject: Re: Limit user access via proxy
References: <g2sf39928a61004151503q46aebc25lf1718a670c1ba583@mail.gmail.com>
In-Reply-To: <g2sf39928a61004151503q46aebc25lf1718a670c1ba583@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit

Hi, I'm not an expert so don't take my words for granted :-)

You might use some firewall like iptables or uncomplicated firewall 
(ufw) to restrict access to localhost.

What do you think?

Best

ALexandre Leray

Le 16/04/10 00:03, faust 1111 a écrit :
> I run Couch
> and nginx as proxy
> users can download files directly from couch
>
> But how i can limit access only read from my db (limit to remote ip)?
>
> Маy be it's better catch requests to files in my ruby app?
> but directly to couch is faster.
>
>