Re: Restrict Access to a set of IP in a specific URL

[John List <johnlist@xxxxxxxxxxxxxx>]

On 01/18/2014 06:45 PM, Jeff Dyke wrote:

Remember that IPs are easily spoofed.

(IP addresses can be spoofed, but that's not a security problem in a web context since any response from the web server will be directed to the spoofed IP address, not the one that spoofed it.)

but we all do it, and the access restrictions are so much cleaner, as well as other things in apache2.4, so if you can i'd upgrade.  You're obviously building these as VHosts, so they can go int the virutual host container, but you want this page: http://httpd.apache.org/docs/2.2/howto/access.html and http://httpd.apache.org/docs/2.2/mod/mod_authz_host.html#allow

In Apache 2.2

Order allow, deny

Allow from 172.168.10

Each vhost can do this in a separate <Directory /myapp/my-test1/demo/> block but does not seem useful . I would keep this out of Tomcat, but thats just me. 

Again, if you have the ability upgrade to 2.4, disable mod_compatibility and use the require all syntax, it will take more work, but apache has come a long way sing 2.2.

On Sat, Jan 18, 2014 at 2:46 PM, Dev Raj <devaraj.takhellambam@xxxxxxxxx> wrote:

Hi,

I have Apache 2.2 installed on my Unix Server and have a couple of Application servers running each of them having similar Document Root.

For example,
The URLS will look like below

https://my-test1.com/demo/index.html
https://my-prod1.com/demo/index.html
https://my-qa1.com/demo/index.html

The directory(Tomcat) folder looks like
/myapp/my-test1/demo/index.html
/myapp/my-prod1/demo/index.html
/myapp/my-qa1/demo/index.html


I would like to restrict access to the above prod1 URL for a specific set of IP's. How can I achieve this. Please tell.

--
Regards,
Devaraj