troubleshooting Question

How to setup Tomcat/Apache to restrict ip range access to a target directory

Avatar of JAaron Anderson
JAaron AndersonFlag for United States of America asked on
Apache Web ServerJava App Servers
2 Comments1 Solution2528 ViewsLast Modified:
I have a .war file which consists of two individual URL automatic re-write addresses
a) /admin
b) /customer

each of these mappings resolve to two separate java servlet beans

In my httpd.conf I have port 443 only set NO port 80
My Goal ::.
***********************************************************
How can I restrict the auto re-write URL a) /admin to ONLY be accessible
by a whitelist ip cluster ***.***.***.*** and not impact URL b) /customers
accessibility from the public Internet Cloud from all :443 client requests ?
***********************************************************
Can I add a distinct Virtual Host instruction block with specific restriction clause
 configurations for /admin directory whitelisting the targeted IP octet cluster?

thanks in advance
I posted before but said it was an answer when it only sort of worked but did not fully solve the administration I intended.

adding did not seem to be enough :

<Location  /admin/>
  Order Deny,Allow
  Deny from all
  Allow from xxx.yyy.zzz
...
</Location>

#Listen 127.0.0.1:80 #fake ip for code example
#Listen 80
<VirtualHost 127.0.0.1:443> #fake ip for code example
        DocumentRoot /var/www/html
        ServerName ******.******.***
        ServerAdmin admin@******.***
        ErrorLog /***/*****/****/ssl_error_log
        TransferLog /***/****/*****/ssl_access_log
        SSLEngine On
        SSLCertificateFile /***/*****/******/****.crt
        SSLCertificateKeyFile ***/*****/******/****.key
</VirtualHost>
 
 
Open in New WindowSelect All
ASKER CERTIFIED SOLUTION
Michael Worsham
Cloud/Infrastructure Solutions Architect

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 2 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 2 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros