Solved

using apache 2.2x and mod_authz_host to denying access (jboss is serving the site)

Posted on 2012-03-21
3
287 Views
Last Modified: 2012-03-22
Hi my question is about denying access to a range of IPs but I tried testing with "deny from all" but I am still able to access the site.

The current config is that apache is serving a site through jboss. so for example there is no local "/www/mysite/docs/".

I can confirm that modules/mod_authz_host.so is in the modules folder..

So I added the below to the httpd.conf

Alias /Login-Page/ "--not 100% sure what needs to go here as Jboss is serving the war--"
# I did try the full path the login page from within jboss deployment "server/default/tmp/deploy/tmp/...loginpage" just to see

            <Location /Login-Page/>
                SetHandler server-status
                Order Allow,Deny
                Deny from  all
#                Allow from <<IP address Range>>/24
            </Location>
0
Comment
Question by:hdaz
  • 2
3 Comments
 
LVL 12

Accepted Solution

by:
larsrohr earned 500 total points
ID: 37751144
You may just want:
  <Location />

Is the entire site served by jboss?
0
 
LVL 1

Author Comment

by:hdaz
ID: 37751709
Many thanks I removed:

Alias /Login-Page/ ""
SetHandler server-status

and set Location <Location "/"> :) does what it says on the tin now :)
0
 
LVL 1

Author Closing Comment

by:hdaz
ID: 37751713
yes JBoss is hosing the site.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
If you are a web developer, you would be aware of the <iframe> tag in HTML. The <iframe> stands for inline frame and is used to embed another document within the current HTML document. The embedded document could be even another website.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question