Hi Johnson, I run the application in my local LAN. for example:
dev_appserver.py -a 192.168.1.1 -p 80 myapp then every one under 192.168.1.x can visit this app by http://192.168.1.1/ but they can also visit the database directly by http://192.168.1.1/_ah/admin How can I make sure the "_ah/admin" can be only use at where the dev_appserver.py server running on? Thanks! On Aug 24, 6:05 pm, "Nick Johnson (Google)" <nick.john...@google.com> wrote: > Hi Allen, > > On Mon, Aug 24, 2009 at 2:36 AM, Allen <allen.lu...@gmail.com> wrote: > > > As we know we can use "http://localhost/_ah/admin"; to go through the > > local database before upload to GAE. And we can not directly use > > "http://www.mydomain.com/_ah/admin"; to visit the online database after > > "appcfg.py" to GAE. > > > My question is: > > > how can I achieve the same as online database? How to limit the local > > "_ah/admin"? > > > When I developing local webserver, I don't wanna everyone can visit > > database directly by "_ah/admin" > > You shouldn't be using the dev_appserver anywhere that untrusted users can > access it. Also, by default the dev_appserver is only accessible from the > machine it's running on - it's not possible to make requests to it from > another machine. > > -Nick Johnson > > > > > Thanks a lot!!! > > -- > Nick Johnson, Developer Programs Engineer, App Engine --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google App Engine" group. To post to this group, send email to google-appengine@googlegroups.com To unsubscribe from this group, send email to google-appengine+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/google-appengine?hl=en -~----------~----~----~----~------~----~------~--~---
