tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: Using RemoteAddressValve with an Apache mod_proxy_balancer
Date Mon, 21 Dec 2009 09:16:50 GMT
Bill Barker wrote:
> Which gives a third option to the OP, which is to use the useIPVHosts="true" 
> option on the <Connector ... />, and only configure <Host .../>s for the

> ones that he wants to allow to connect (and the default Host just returns 
> 404 to every request).

Yes, that possibility was kind of nagging at me since the beginning.
This would also be valid for all protocols and all Connectors, wouldn't it ?

<Host name="defaultHost" ........>
   ... always returns 404
<Host name="allowedHosts"  ....>

It is not really secure yet, but incrementally harder to fake than a 
secret or a header.  And it does not require any change of configuration 
at the proxy server level.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message