2

I'm using Apache Reverse Proxy, following is some of Apache Virtual Host configuration:

 ProxyRequests Off <Proxy *> AddDefaultCharset off Order deny,allow Allow from all </Proxy> ProxyVia On ProxyRequests Off ProxyPreserveHost On proxyPass / ajp://127.0.0.1:8009/

Now I want to restrict request url like http://example.com/admin/tools in such a way that it should allow to access from particular IP address only. How can I achieve this ?

EDIT:

As of above requirement this answer is working fine, Suppose I want allow to access admin URL from one or two IP's and rest IP's I want to redirect to index page instead of showing forbidden error, how can I get this ?

Improve this question

3 Answers 3

Reset to default
2

What version of apache are you using? One way to restrict access to resources based on the URL is to use

For example:

<Location /admin/tools> Order Deny,Allow Deny from all Allow from 192.168.1.34 </Location>
Improve this answer
1
  • I'm using Apache2.2 on Ubuntu, I'll try how you have suggested,Thanks Krist Commented Apr 3, 2013 at 10:06
1

As of above requirement this answer is working fine, Suppose I want allow to access admin URL from one or two IP's and rest IP's I want to redirect to index page instead of showing forbidden error, how can I get this ?

To expand on krist-van-besien's answer, you can do that with the help of ErrorDocument for 403 Forbidden like this:

<Location /admin/tools> Order Deny,Allow Deny from all Allow from 192.168.1.34 ErrorDocument 403 /index.php </Location>

Please note, that the user should have permissions to view the page you're redirecting him to. For more info you can check this question: Allowing blocked IP to view 403 ErrorDocument

Further reading:

Improve this answer
0

To expand on this scenario to apply to a RESTful web service endpoint vs. calling the endpoint from a web page.

Is there a way to proxy requests from a local server's web page and forward them to the web service address along with allowing local internal network requests (developers) access to the web service endpoint, yet still restrict direct external WS endpoint requests?

For example, if the web service is running on Tomcat (port 8080) and we are using mod_proxy to redirect the apache requests from the web page on port 80 -> tomcat:8080/webservice in our web page service calls.

<Location /admin/tools> Order Deny,Allow Deny from all Allow from localhost Allow from 127.0.0.1 Allow from *local.domain.com </Location> ProxyPass /admin/tools http://localhost:8080/admin/tools ProxyPassReverse /admin/tools http://localhost:8080/admin/tools

When I try this, it locks the entire WS endpoint access including the web page request going the the proxy pass endpoint.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.