5 May
2002
5 May
'02
8:02 p.m.
davis marques writes:
I'm running Zope with Apache/PCGI and am wondering if there's any means by which you can prevent people from getting the /manage login dialog from outside a designated domain or IP range? Probably yes, though I did not yet try it:
I would use a rewrite rule that redirects URLs containing "manage" (after a '/') to a page saying "forbidden". This will definitely work. Apache supports conditional rewrite rules. I would look whether the condition can be specified based on the incoming IP. I am not sure whether this is possible, but if it is, your problem is solved. Dieter