Hi, My LocationMatch regex got removed somewhere on route to the mailing list. I had been trying to restrict access to login.do only.
However, this is not easy to do because security_check.jsp does a redirect and Apache thinks all requests are coming from internal addresses. The best solution I found was to have two virtualhosts, one listening on port 80 the other on port 443. The port 80 host is available to outside users via the firewall but uses mod_rewrite conditions to proxy only certain pages. The virtual server on port 443 is made available to internal users only, again via the firewall. The port 443 host has the entire roller application mounted and encrypts account credentials using mod_ssl. J -----Original Message----- From: Dave [mailto:[EMAIL PROTECTED] Sent: Sat 1/12/2008 03:24 To: [email protected] Subject: Re: restrict logins to IP range On Jan 8, 2008 10:14 AM, john moylan <[EMAIL PROTECTED]> wrote: > I'm using Roller 3.1 with Apache 2.0, JBoss 4.05 and mod_jk on Linux. > I am trying to restrict access so that users can only login from a single ip > range. > I have tried using the LocationMatch directive in apache, eg: > Order Deny,Allow > Deny from All > Allow from 192.168. > > But this does not seem to have any effect. > > Can anyone explain the best way to restrict logins to certain IP ranges? I don't know enough Apache HTTPD conf to help. That's probably a question for the HTTPD mailing list. But, if you deny access from all like that you'll be completely preventing access, not just preventing logins. Is that really what you want to do? - Dave *********************************************************** The information in this e-mail is confidential and may be legally privileged. It is intended solely for the addressee. Access to this e-mail by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution, or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. Please note that emails to, from and within RTÉ may be subject to the Freedom of Information Act 1997 and may be liable to disclosure. ************************************************************
