Mohit Anchlia wrote:
Few questions: 1. We have a webserver and we use mod_jk to redirect request to a servlet to our App server. Given this situation where file on the web server doesn't get accessed how can I block the IP at web server. Only option that I know of is RewriteCond. Is that what's advisable.
Just a naïve question : if you are not using the webserver itself (presumably Apache), and just use it to redirect all requests (via mod_jk) to your App server (presumably Tomcat or a derivative), then why do you have the webserver at all ? Why not eliminate the webserver and mod_jk, have your Appserver listen directly on port 80, and cut out the complication and overhead ?
You can block/allow IP's at the Tomcat level too. See : http://tomcat.apache.org/tomcat-5.5-doc/config/valve.html
2. Another question I had was sometimes we don't get real physical IP of the machine but the IP of something that's in between like "router", is there a way to get the real IP so that we don't end up blocking people coming from that "router" or "proxy"
In my opinion, you cannot. The whole point of such routers and proxies is to make the requests look like they are coming from the router/proxy, so that is the sender IP address you are seeing at your server level, and that's it. Your server never receives the original requester IP address.
3. Do I need to start the web server everytime new RewriteRule is added ?
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|