How to restrict url access with apache to certain IP?

0

Issue

I’m using a apache2 on ubuntu, in front of a tomcat8 webserver.
I want to restrict access to localhost/manager to only a specific ip address.

The server is in my internal network and has the ip 102.168.139.111. I want to be able to access the /manager endpoint only from my local machine 192.168.128.222, and from nowhere else.

But the following does not work and I’m always getting a 403 Permission denied. Why?

apache2.conf:

<Location /manager/*>
        Order Allow,Deny
        Deny from  all
        Allow from 192.168.128.197
</Location>

With:

/etc/apache2/sites-available/000-default.conf

<VirtualHost *:80>
    ProxyPreserveHost On

    ProxyPass / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/
</VirtualHost>

Sidenote: taking the <Location...> out will allow access to my local IP as expected. So the server configuration in general seems to be fine. Just restricting does not work.

Solution

It’s probably an order of statements issue. The following works (on root path):

<Location />
        Order Deny,Allow
        Deny from all
        Allow from 192.168.
</Location>

Answered By – membersound

This Answer collected from stackoverflow, is licensed under cc by-sa 2.5 , cc by-sa 3.0 and cc by-sa 4.0

Leave A Reply

Your email address will not be published.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More