On 4/6/20 2:13 PM, Mark Eggers wrote:
# Secure your proxy - localhost for now - this is IMPORTANT
<Proxy "*">
Require ip 127
</Proxy>
Dear Mr. Eggers:
It seems I was right about how what you said about this, and what the
docs say about it, appeared to contradict each other: with that in the
VirtualHost with the ProxyPass and ProxyPassReverse directives, it
blocked all outside access through the proxy.
Once I commented out those lines, I got proxied straight to the default
ROOT context.
Then, when I reactivated the valve in the manager app, I found that I
was still able to get into it via the proxy, but not directly.
I've now put this in
<Proxy "https://qux.baz.com/manager";>
Require ip xx.yy.zz.qq
</Proxy>
<Proxy "https://corge.bax.com/manager";>
Require ip xx.yy.zz.qq
</Proxy>
where xx.yy.zz.qq is my office IP address. I could get in just fine.
Then I changed the IP address to something different, restarted my
browser, and I could still get in. I also tried it with "/*" on the ends
of the URLs, and with "/html" on the ends, and with "/html/*" on the
ends. I also went back to the original "*" on one of them, and it went
back to locking me out of everything. Something doesn't seem right here.
--
JHHL
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
