need to make zope accessable from only two different IP-Addresses
I already setup Zope, I'm using FreeBSD 4.6 and Zope from the ports collection. How can I define the hosts which are allowed to access the Zope Server on Port 8080? Thanks for any help, Manuel -- The City of Palo Alto, in its official description of parking lot standards, specifies the grade of wheelchair access ramps in terms of centimeters of rise per foot of run. A compromise, I imagine...
Either limit access by filling out the Domains field of a user (acl_users) or by putting your Zope behind an Apache/Squid. In this case you can you the webservers acl mechanism to protect your Zope. -aj ----- Original Message ----- From: "Manuel Hendel" <zope@hendel.net> To: <zope@zope.org> Sent: Tuesday, August 13, 2002 13:45 Subject: [Zope] need to make zope accessable from only two different IP-Addresses
I already setup Zope, I'm using FreeBSD 4.6 and Zope from the ports collection. How can I define the hosts which are allowed to access the Zope Server on Port 8080?
Thanks for any help, Manuel
-- The City of Palo Alto, in its official description of parking lot standards, specifies the grade of wheelchair access ramps in terms of centimeters of rise per foot of run. A compromise, I imagine...
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
On Tuesday 13 August 2002 13:45, you wrote:
I already setup Zope, I'm using FreeBSD 4.6 and Zope from the ports collection. How can I define the hosts which are allowed to access the Zope Server on Port 8080?
Thanks for any help, Manuel
This is much better handled at the OS level rather than Zope (or any other web server): add rules to your firewall to allow only specific hosts access to the relevant port - probably something like pass in quick on rl0 proto tcp from 1.2.3.4 to myhost port 8080 keep session block in quick on rl0 proto tcp from any to myhost port 8080 Be aware that this is very poor security - it is extremely easy to fake the source address of any packet... -- Robert Segall Apsis GmbH Postfach, Uetikon am See, CH-8707 Tel: +41-1-920 4904
participants (3)
-
Andreas Jung -
Manuel Hendel -
Robert Segall