JAaron Anderson
asked on
How to setup Tomcat/Apache to restrict ip range access to a target directory
I have a .war file which consists of two individual URL automatic re-write addresses
a) /admin
b) /customer
each of these mappings resolve to two separate java servlet beans
In my httpd.conf I have port 443 only set NO port 80
My Goal ::.
************************** ********** ********** ********** ***
How can I restrict the auto re-write URL a) /admin to ONLY be accessible
by a whitelist ip cluster ***.***.***.*** and not impact URL b) /customers
accessibility from the public Internet Cloud from all :443 client requests ?
************************** ********** ********** ********** ***
Can I add a distinct Virtual Host instruction block with specific restriction clause
configurations for /admin directory whitelisting the targeted IP octet cluster?
thanks in advance
I posted before but said it was an answer when it only sort of worked but did not fully solve the administration I intended.
adding did not seem to be enough :
<Location /admin/>
Order Deny,Allow
Deny from all
Allow from xxx.yyy.zzz
...
</Location>
a) /admin
b) /customer
each of these mappings resolve to two separate java servlet beans
In my httpd.conf I have port 443 only set NO port 80
My Goal ::.
**************************
How can I restrict the auto re-write URL a) /admin to ONLY be accessible
by a whitelist ip cluster ***.***.***.*** and not impact URL b) /customers
accessibility from the public Internet Cloud from all :443 client requests ?
**************************
Can I add a distinct Virtual Host instruction block with specific restriction clause
configurations for /admin directory whitelisting the targeted IP octet cluster?
thanks in advance
I posted before but said it was an answer when it only sort of worked but did not fully solve the administration I intended.
adding did not seem to be enough :
<Location /admin/>
Order Deny,Allow
Deny from all
Allow from xxx.yyy.zzz
...
</Location>
#Listen 127.0.0.1:80 #fake ip for code example
#Listen 80
<VirtualHost 127.0.0.1:443> #fake ip for code example
DocumentRoot /var/www/html
ServerName ******.******.***
ServerAdmin admin@******.***
ErrorLog /***/*****/****/ssl_error_log
TransferLog /***/****/*****/ssl_access_log
SSLEngine On
SSLCertificateFile /***/*****/******/****.crt
SSLCertificateKeyFile ***/*****/******/****.key
</VirtualHost>
Open in New WindowSelect All
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER