[Zope] deny access to manage interface from apache
lee doolan
leed_25m@lycos.com
Tue, 19 Nov 2002 17:24:28 -0500
I have a zope server handling proxy passes from apache and I am trying
to restrict access to the /manage functionality from the public facing
website.
here's my apache config
<VirtualHost xx.xx.78.23:800>
ServerAdmin webmaster@site.com
DocumentRoot /htdocs/site/current
ServerName www.site.com
ServerAlias site.com *.site.com
ErrorLog logs/site.com-error_log
<Location ~ ".*/manage$">
Order deny,allow
deny from all
allow from 192.168
</Location>
ProxyPass / http://internal.office.com:8080/site/com/
ProxyPassReverse / http://internal.office.com:8080/site/com/
CustomLog "|/usr/local/bin/logger-lc -p local1.notice" vcombined
<Directory "/htdocs/site/current/">
Options +Includes
AddHandler server-parsed .html
</Directory>
</VirtualHost>
the trouble is that if I put a URL like this in the location bar
www.site.com/manage_main
I can get into the manage interface. On the other hand, if I block
access to manage_main with a regex in the <Location ..> block, then I
can no longer manage the site on my internal zope server located at
http://internal.office.com:8080
How can I best handle this problem?
__________________________________________________________
Outgrown your current e-mail service? Get 25MB Storage, POP3 Access,
Advanced Spam protection with LYCOS MAIL PLUS.
http://login.mail.lycos.com/brandPage.shtml?pageId=plus&ref=lmtplus