Limit IP access to your web application using Apache Tomcat

No Comments »

It is possible that you’d like to limit access to your web application from some IPs, to enhance security. If your application is deployed on Apache Tomcat, you can do that pretty darn easy – you just have to edit the server.xml file.

For example :

<Engine name="Catalina" defaultHost="localhost">
    <Host name="localhost" appBase="webapps"
          unpackWARs="false" autoDeploy="true"
          xmlValidation="false" xmlNamespaceAware="false">
        <Valve className="org.apache.catalina.valves.AccessLogValve"
                directory="c:/Program Files/Apache Software Foundation/Tomcat 6.0/logs" prefix="localhost_access_log."
                suffix=".txt" pattern="common" resolveHosts="false"/>
	<Valve className="org.apache.catalina.valves.RemoteAddrValve"
         	allow="192.168.*.*,89.35.152.*,89.36.153.10"/>
    </Host>
</Engine>

This would limit access to the application deployed in the directory webapps in your tomcat to only the indicated IPs. Note that you can define those IPs using *.

Filed under: Programming by admin

doOriented.com

Limit IP access to your web application using Apache Tomcat

Post a Comment

Categories

Archives

Links

Meta