CODEWITHSUNDEEP
apachetomcat
gringogordo
gringogordo

Reputation: 2140

Disable direct access to application via Tomcat

I have a small local (internal to organisation) browser application running on Tomcat. I have inherited an application (also for internal organisation use only) running under PHP server which I have been asked to get running on the same box. I decided the best thing was to get both Tomcat and PHP running under Apache Web Server. Initially I thought this was essential although I now thing as long as I had left them running with different ports this was unnecessary (?).

I have got my Tomcat app running through Apache using the proxy_http_module. I was wondering if there is an easy way to stop direct access to the application via tomcat?

So for example in Tomcat the app is set to run as

http://localserver:1234/superapp

using the virtual host configuration apache allows access as

http://localserver/superapp

presumably this means if I now go in as http://localserver:1234/superapp I am bypassing apache web server ? Assuming (bold assumption) that I have not misunderstood the mechanism, is there a simple way to stop access directly via tomcat (http://localserver:1234/superapp).

Thanks.

Upvotes: 0

Views: 1215

Answers (1)

Maurice Perry
Maurice Perry

Reputation: 32831

You could consider using the proxy_ajp instead of proxy_http. But you can also use the RemoteAddrValve to define restrictions based on IP address:

<Engine name="Catalina" defaultHost="localhost">
    ...
    ...
    ...
    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
        allow="127\.0\.0\.1"/>
    ...
</Engine>

Upvotes: 1

Related Questions