On Fri, 17 Nov 2000, Dario Lopez-Kästen wrote:
one of my colleagues configure Apache and Zope using the "Apache & ZServer" how to. This works well and Apache serves Zope pretty well and we can even use SSL (there are some issues to be resolved that I suspect are due to misconfiguration on our server). However, I can always access Zope directly using port 8080 (or whatever port where ZServer is listening to) without SSL.
This is aboviously not the intended behaviour. Is there a way to prevent this? I know there is ZServerSSL but isn't the whole point of using Apache
Look at z2.py options to set IP to listen on. If Zope and Apache are on the same machine, you can set 127.0.0.1, so Zope won't be accesible from other hosts. If they are on separate machines, then probably they are in the same LAN - so you can use some other address not accessible from outside your LAN. ololo@zeus.polsl.gliwice.pl /--------------------------------------\ | `long long long' is too long for GCC | \--------------------------------------/