Tomcat Security

Using /conf/context.xml to block requests from specific IP addresses.

The Remote Address Filter supports the following configuration attributes:

Attribute: Description

className: Java class name of the implementation to use. This MUST be set to org.apache.catalina.valves.RemoteAddrValve.

allow: A regular expression (using java.util.regex) that the remote client's IP address is compared to. If this attribute is specified, the remote address MUST match for this request to be accepted. If this attribute is not specified, all requests will be accepted UNLESS the remote address matches a deny pattern.

deny: A regular expression (using java.util.regex) that the remote client's IP address is compared to. If this attribute is specified, the remote address MUST NOT match for this request to be accepted. If this attribute is not specified, request acceptance is governed solely by the allow attribute.

denyStatus: HTTP response status code that is used when rejecting a denied request. The default value is 403. For example, it can be set to the value 404.

Example
To allow access only for the clients connecting from localhost:
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
   allow="127\.\d+\.\d+\.\d+|::1|0:0:0:0:0:0:0:1"/>

 

Example:
<?xml version='1.0' encoding='utf-8'?>
<Context>

    <WatchedResource>WEB-INF/web.xml</WatchedResource>

    <!-- deny is a single java.util.regex pattern: separate the addresses with |, not commas -->
    <Valve className="org.apache.catalina.valves.RemoteAddrValve"
           deny="162\.244\.213\.47|108\.61\.252\.64|99\.236\.210\.42|23\.101\.186\.189|92\.196\.3\.66|37\.221\.169\.155|92\.4\.68\.92|92\.4\.74\.7|90\.202\.147\.189|82\.25\.241\.192"/>

    <ResourceLink name="SubwayDS"
                  global="SubwayDS"
                  type="oracle.jdbc.pool.OracleDataSource" />

</Context>
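
When allow and deny are each one regular expression compared against the client address, as described above, a comma between addresses is matched literally and the pattern rejects nobody. The following check is an added example, not part of the original post: it reads a context.xml, flags commas in RemoteAddrValve patterns and reports which probe addresses each valve would reject. The sample file, its documentation-range addresses and the function names are constructed, and Python's re.fullmatch stands in for a whole-string java.util.regex comparison (an assumption).

```python
import re
import xml.etree.ElementTree as ET

VALVE = "org.apache.catalina.valves.RemoteAddrValve"

# Constructed sample context.xml; the addresses are documentation ranges.
SAMPLE = r"""<Context>
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         deny="192\.0\.2\.10,203\.0\.113\.7"/>
  <Valve className="org.apache.catalina.valves.RemoteAddrValve"
         deny="192\.0\.2\.10|203\.0\.113\.7"/>
</Context>"""


def is_allowed(addr, allow=None, deny=None):
    """Apply the attribute rules described on this page to one address.

    Assumption: the pattern must match the whole address (re.fullmatch).
    """
    if deny is not None and re.fullmatch(deny, addr):
        return False  # a deny match always rejects
    if allow is not None:
        return re.fullmatch(allow, addr) is not None
    return True  # no allow pattern: accepted unless denied


def audit(context_xml, probes):
    """Return one finding per RemoteAddrValve found in the context.xml text."""
    findings = []
    for valve in ET.fromstring(context_xml).iter("Valve"):
        if valve.get("className") != VALVE:
            continue
        allow, deny = valve.get("allow"), valve.get("deny")
        findings.append({
            "deny": deny,
            # Outside a {m,n} quantifier a comma is a literal, not a separator.
            "comma_in_pattern": any("," in p for p in (allow, deny) if p),
            "blocked": [a for a in probes if not is_allowed(a, allow, deny)],
        })
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE, ["192.0.2.10", "203.0.113.7", "198.51.100.1"]):
        print(finding)
```

A valve that is flagged with `comma_in_pattern` and has an empty `blocked` list for addresses it was meant to stop is the case to fix by switching the separator to `|`.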
