[Zope] zope w. apache security question
Barry Pederson
barryp@medicine.nodak.edu
Fri, 03 May 2002 13:58:07 -0500
davis marques wrote:
> I'm running Zope with Apache/PCGI and am wondering if there's any means
> by which you can prevent people from getting the /manage login dialog
> from outside a designated domain or IP range?
Maybe something in the apache config like:
<LocationMatch "/manage(/|$)">
order deny, allow
deny from all
allow from 192.168.1.0/24
</LocationMatch>
to deny access to addresses outside the 192.168.1.x subnet (for example) to
things that end with '/manage' or have '/manage/' somewhere else (haven't
tried it in apache, but that RE seems to work ok in Python)
Barry