[Zope] ZServer ACL

marc lindahl marc@bowery.com
Tue, 21 Aug 2001 00:27:42 -0400


> From: Jack Coates <jack@monkeynoodle.org>
> 
> On Mon, 20 Aug 2001, Todd Hepler wrote:
> 
>>I want to make it so that
>> clients cannot "go around" Apache and talk directly to port 8080, so
>> I'm looking for a way to make Zope only accept requests that come from
>> localhost (or a specified IP address). I can't find anything on
>> zope.org related to ACLs of this nature or blocking access to ZServer
>> based on IP address.

It's a command line argument, -a.  So you could do     -a 127.0.0.1 to limit
to only local host.


> Sean Upton already gave you some good answers -- but an additional
> important step is to do this is to use Wietse Venema's TCP Wrappers to
> limit access right there on the box.

or, xinetd.  Using webmin to administrate, couldn't be easier to deal with!