Link to home
Start Free TrialLog in
Avatar of hdaz
hdaz

asked on

mod_rewrite blocking jboss web-console

I would like to block the following

https://IPorName/web-console/serverinfo.jsp

I thought the following would work..

RewriteCond %{QUERY_STRING} (^|&)serverinfo.jsp(&|$)
RewriteRule ^web-console/severinfo.jsp$ - [F]

Am I missing something?

Cheers
Avatar of arober11
arober11
Flag of United Kingdom of Great Britain and Northern Ireland image
Just the following will do what you ask.

RewriteRule web-console/severinfo.jsp - [F,L]

Open in new window

Avatar of hdaz
hdaz

ASKER

Hi arober11 I have added the rule and restarted and it still allows me to the page?

Any ideas?

Thanks
Avatar of Erdinç Güngör Çorbacı
Erdinç Güngör Çorbacı
Flag of Türkiye image
For https consider this usage;

RewriteCond %{HTTPS} on
# RewriteCond %{QUERY_STRING} (^|&)serverinfo.jsp(&|$) #you may try escaping this line
RewriteRule ^web-console/severinfo.jsp$ - [F]
Avatar of arober11
arober11
Flag of United Kingdom of Great Britain and Northern Ireland image
Where have you placed the rule?

Are there any rules or proxy statements before this rule?
Avatar of Erdinç Güngör Çorbacı
Erdinç Güngör Çorbacı
Flag of Türkiye image
you can use this rule in the .htaccess file at root folder.

I showed the gerenic usage according to your question. If you need any other proxy ort port definitions just give us more information about them.
Avatar of hdaz
hdaz

ASKER

Hi thanks for the replies, I can't try anything for a while.. not to well at the moment..
Avatar of hdaz
hdaz

ASKER

Hi Sorry for the delay,

This is what I am putting within httpd.conf and/or ssl.conf

RewriteEngine on
RewriteLogLevel 0
RewriteCond %{HTTPS} on
RewriteRule ^web-console/severinfo.jsp$ - [F]
....
also tried

RewriteEngine on
RewriteLogLevel 0
RewriteCond %{HTTPS} on
RewriteCond %{QUERY_STRING} (^|&)web-console(&|$)
RewriteRule ^web-console/severinfo.jsp$ - [F]
....

Then restarting with /pathTO/httpd -f /pathTO/httpd.conf -k restart

Yet when I go to IP/web-console/ServerInfo.jsp it is still accessable...??
Avatar of arober11
arober11
Flag of United Kingdom of Great Britain and Northern Ireland image
You still haven't indicated if there are any ProxyPass entries in your config.

Note: Mod_Proxy takes precedence over mod_rewrite,  so if your using a ProxyPass directive to pass traffic on to JBoss you'll also need to replace the existing line with the equivalent RewriteRule e.g.

RewriteRule /web-console/   http://xxx.yyy.zzz:8080/web-console/   [p]
Avatar of hdaz
hdaz

ASKER

Hi Arober11,

Oh sorry using mod_jk like this ??

RewriteEngine on
RewriteLogLevel 0
RewriteCond %{HTTPS} on
RewriteCond %{QUERY_STRING} (^|&)web-console(&|$)
RewriteRule /web-console/   http://xxx.yyy.zzz:8080/web-console/   [p]
RewriteRule ^web-console/severinfo.jsp$ - [F]

cheers hdaz
ASKER CERTIFIED SOLUTION
Avatar of arober11
arober11
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of hdaz
hdaz

ASKER

Thanks very much arober11,

It seems I dont need to do anything with RewriteEngine and just JkUnMount from mod_jk.apache.conf

i.e.
JkUnMount /web-console/* ajp13

Thanks for the help, guess I was looking in the wrong place.
hdaz