You can also use the ip_allow configs inside a remap rule -- like:
map http://inbound.example.com http://origin.example.com \
@src_ip=10.0.0.0-10.255.255.255 \
@action=allow
or
map http://inbound.example.com http://origin.example.com \
@action=deny @method=CONNECT @method=POST @method=PUT @method=DELETE
On Fri, Nov 18, 2016 at 10:51 AM, Alan Carroll
<solidwallofcode@yahoo-inc.com> wrote:
> It's certainly possible to do in a custom plugin. I'm working on one right
> now, actually, to do that, although it's unfortunately proprietary.
>
> Another way to consider is to use map or regex_remap in remap.config to map
> all requests to a domain to an error page.
>
> The standard header-rewrite plugin might work as well, by setting the return
> code.
>
>
> On Friday, November 18, 2016 11:51 AM, Di Li <di_li@apple.com> wrote:
>
>
> Hi,
>
> Question for Access control, I see there’s ip_allow.config, where we can
> define source ip and destination IP, as well as HTTP method.
>
> Is there a way to support domain based filter like @xxx.com may be not in
> this ip_allow but in other config or plugins ?
>
>
> Thanks,
> Di Li
>
>
>
|