Sometimes it can be useful to restrict access to a server depending on the IP address of the client. When you’re developing an application and you wish to run some tests over the internet you don’t want everybody to have access to the documents or services you expose to the network.
Here is a way to allow access only from a certain range of IP addresses. For the following let’s assume that you want to allow only 220.127.116.11 and LAN adresses 192.168.1.* to access the server
If you want to protect the documents of a directory, a simple
.htaccess file is enough.
You just need to create a file named “.htaccess” in the directory you want to protect, with the following content:
1 2 3 4
Tomcat does not understand
In my case I wanted to restrict the access to the entire webserver. This can be done by modifying the context configuration.
Edit the file
context.xml located in the
conf directory of your Tomcat installation. You just need to add a valve within <Context>.
1 2 3 4 5 6 7 8
Note that the syntax is quite different from the one you would expect especially for regular expressions.
Tomcat should now reply with a 403 forbidden answer to unauthorized clients.
Don’t forget to restart Tomcat for the changes to take effect.