hdaz
asked on
mod_rewrite blocking jboss web-console
I would like to block the following
https://IPorName/web-console/serverinfo.jsp
I thought the following would work..
RewriteCond %{QUERY_STRING} (^|&)serverinfo.jsp(&|$)
RewriteRule ^web-console/severinfo.jsp $ - [F]
Am I missing something?
Cheers
https://IPorName/web-console/serverinfo.jsp
I thought the following would work..
RewriteCond %{QUERY_STRING} (^|&)serverinfo.jsp(&|$)
RewriteRule ^web-console/severinfo.jsp
Am I missing something?
Cheers
ASKER
Hi arober11 I have added the rule and restarted and it still allows me to the page?
Any ideas?
Thanks
Any ideas?
Thanks
For https consider this usage;
RewriteCond %{HTTPS} on
# RewriteCond %{QUERY_STRING} (^|&)serverinfo.jsp(&|$) #you may try escaping this line
RewriteRule ^web-console/severinfo.jsp $ - [F]
RewriteCond %{HTTPS} on
# RewriteCond %{QUERY_STRING} (^|&)serverinfo.jsp(&|$) #you may try escaping this line
RewriteRule ^web-console/severinfo.jsp
Where have you placed the rule?
Are there any rules or proxy statements before this rule?
Are there any rules or proxy statements before this rule?
you can use this rule in the .htaccess file at root folder.
I showed the gerenic usage according to your question. If you need any other proxy ort port definitions just give us more information about them.
I showed the gerenic usage according to your question. If you need any other proxy ort port definitions just give us more information about them.
ASKER
Hi thanks for the replies, I can't try anything for a while.. not to well at the moment..
ASKER
Hi Sorry for the delay,
This is what I am putting within httpd.conf and/or ssl.conf
RewriteEngine on
RewriteLogLevel 0
RewriteCond %{HTTPS} on
RewriteRule ^web-console/severinfo.jsp $ - [F]
....
also tried
RewriteEngine on
RewriteLogLevel 0
RewriteCond %{HTTPS} on
RewriteCond %{QUERY_STRING} (^|&)web-console(&|$)
RewriteRule ^web-console/severinfo.jsp $ - [F]
....
Then restarting with /pathTO/httpd -f /pathTO/httpd.conf -k restart
Yet when I go to IP/web-console/ServerInfo. jsp it is still accessable...??
This is what I am putting within httpd.conf and/or ssl.conf
RewriteEngine on
RewriteLogLevel 0
RewriteCond %{HTTPS} on
RewriteRule ^web-console/severinfo.jsp
....
also tried
RewriteEngine on
RewriteLogLevel 0
RewriteCond %{HTTPS} on
RewriteCond %{QUERY_STRING} (^|&)web-console(&|$)
RewriteRule ^web-console/severinfo.jsp
....
Then restarting with /pathTO/httpd -f /pathTO/httpd.conf -k restart
Yet when I go to IP/web-console/ServerInfo.
You still haven't indicated if there are any ProxyPass entries in your config.
Note: Mod_Proxy takes precedence over mod_rewrite, so if your using a ProxyPass directive to pass traffic on to JBoss you'll also need to replace the existing line with the equivalent RewriteRule e.g.
RewriteRule /web-console/ http://xxx.yyy.zzz:8080/web-console/ [p]
Note: Mod_Proxy takes precedence over mod_rewrite, so if your using a ProxyPass directive to pass traffic on to JBoss you'll also need to replace the existing line with the equivalent RewriteRule e.g.
RewriteRule /web-console/ http://xxx.yyy.zzz:8080/web-console/ [p]
ASKER
Hi Arober11,
Oh sorry using mod_jk like this ??
RewriteEngine on
RewriteLogLevel 0
RewriteCond %{HTTPS} on
RewriteCond %{QUERY_STRING} (^|&)web-console(&|$)
RewriteRule /web-console/ http://xxx.yyy.zzz:8080/web-console/ [p]
RewriteRule ^web-console/severinfo.jsp $ - [F]
cheers hdaz
Oh sorry using mod_jk like this ??
RewriteEngine on
RewriteLogLevel 0
RewriteCond %{HTTPS} on
RewriteCond %{QUERY_STRING} (^|&)web-console(&|$)
RewriteRule /web-console/ http://xxx.yyy.zzz:8080/web-console/ [p]
RewriteRule ^web-console/severinfo.jsp
cheers hdaz
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks very much arober11,
It seems I dont need to do anything with RewriteEngine and just JkUnMount from mod_jk.apache.conf
i.e.
JkUnMount /web-console/* ajp13
Thanks for the help, guess I was looking in the wrong place.
hdaz
It seems I dont need to do anything with RewriteEngine and just JkUnMount from mod_jk.apache.conf
i.e.
JkUnMount /web-console/* ajp13
Thanks for the help, guess I was looking in the wrong place.
hdaz
Open in new window