restricting access to some components to LAN only

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

restricting access to some components to LAN only

snowch
Hi Forum,

I want to enable my custom component ("mycomp") to the internet, and only enable some of the stock components (but the stock ones should only accessible via the LAN).  Are there anyone on this forum that can verify my ofbiz apache config?

Many thanks in advance,

Chris

<VirtualHost *:443>
   # all traffic to my site is https only

   SSLEngine On
   SSLCertificateFile /etc/apache2/ssl/apache.pem

   ProxyVia On
   ProxyRequests Off
   ProxyPreserveHost On

   <Proxy *>
      AddDefaultCharset off
      Order allow,deny
      Allow from all
   </Proxy>

   <location />
      Order deny,allow
      Deny from all
   </location>
   <location /images>
      ProxyPass ajp://localhost:8009/images
      Order deny,allow
      Allow from all
   </location>
   <location /mycomp>
      ProxyPass ajp://localhost:8009/mycomp
      Order deny,allow
      Allow from all
   </location>
   <location /partymgr>
      ProxyPass ajp://localhost:8009/partymgr
      Order deny,allow
      Deny from all
      Allow from 192.168.0.0/24 # <-- LAN
   </location>
   # No other components are accessible unless explicitly enabled like
   # partymgr, above.
</VirtualHost>