You may want to take a look at this how-to: http://www.zope.org/Members/march/howtos/ProctectManageAccessUsingRewiteRule In adition, if you do need to access your Zope server from outside, or in general, if you want to fine tune the way your server is accessed, you'd need to use Access Rules. Ausum ----- Original Message ----- From: "lee doolan" <leed_25m@lycos.com> To: <zope@zope.org> Sent: Tuesday, November 19, 2002 5:24 PM Subject: [Zope] deny access to manage interface from apache
I have a zope server handling proxy passes from apache and I am trying to restrict access to the /manage functionality from the public facing website.
here's my apache config
<VirtualHost xx.xx.78.23:800> ServerAdmin webmaster@site.com DocumentRoot /htdocs/site/current ServerName www.site.com ServerAlias site.com *.site.com ErrorLog logs/site.com-error_log
<Location ~ ".*/manage$"> Order deny,allow deny from all allow from 192.168 </Location>
ProxyPass / http://internal.office.com:8080/site/com/ ProxyPassReverse / http://internal.office.com:8080/site/com/
CustomLog "|/usr/local/bin/logger-lc -p local1.notice" vcombined
<Directory "/htdocs/site/current/"> Options +Includes AddHandler server-parsed .html </Directory> </VirtualHost>
the trouble is that if I put a URL like this in the location bar
www.site.com/manage_main
I can get into the manage interface. On the other hand, if I block access to manage_main with a regex in the <Location ..> block, then I can no longer manage the site on my internal zope server located at
http://internal.office.com:8080
How can I best handle this problem?
__________________________________________________________ Outgrown your current e-mail service? Get 25MB Storage, POP3 Access, Advanced Spam protection with LYCOS MAIL PLUS. http://login.mail.lycos.com/brandPage.shtml?pageId=plus&ref=lmtplus
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )