Solved

How can I limit access to TomCat web site which is accessed via reverse proxy

Posted on 2008-10-26
2
424 Views
Last Modified: 2013-12-02
I have an Apache server that is running a web site and also providing a reverse proxy to a TomCat server.

I have added the Order/Allow/Deny lines to this section of the httpd.conf file

<Directory />
    Options FollowSymLinks
    AllowOverride None

    Order deny,allow
    Deny from all
    Allow from 192.168.1.0/24
    Allow from 19.7.139.1
    Allow from 1.117.25.50
</Directory>

This is restricted access to all the sites on this server but I can still access the sites that are pointed to via the reverse proxy.  What do I need to do to have the reverse proxy sites filtered as well.

This is running on a Windows system.


Thanks.
0
Comment
Question by:RJLemon
2 Comments
 
LVL 27

Accepted Solution

by:
caterham_www earned 500 total points
Comment Utility
You may try a <proxy> container like

<Proxy *>
    Order deny,allow
    Deny from all
    Allow from 192.168.1.0/24
    Allow from 19.7.139.1
    Allow from 1.117.25.50
</Proxy>

Or a <Location /> container like
<Location />
    Order deny,allow
    Deny from all
    Allow from 192.168.1.0/24
    Allow from 19.7.139.1
    Allow from 1.117.25.50
</Location>
0
 

Author Closing Comment

by:RJLemon
Comment Utility
Thanks caterham,

The  section seems to have done the trick.

Ron.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
Most of the developers using Tomcat find it easy to configure the datasource in Server.xml and use the JNDI name in the code to get the connection.  So the default connection pool using DBCP (or any other framework) is made available and the life go…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now