Preventing unauthorized access to mongrel balancermenbers

Added by Thomas Oppelt over 9 years ago

Hi,
how can i prevent direct access via mongrel cluster ports 8000 8001 etc analogue to port 80 authentication within apache e.g.:
<Proxy balancer://redmine_cluster>
Order allow,deny
Allow from all
AuthType Basic
AuthName "redmine"
AuthUserFile /usr/admin/web/.htusers
AuthGroupFile /usr/admin/web/.htgroups
require user xy
require group admins
BalancerMember http://127.0.0.1:8000
BalancerMember http://127.0.0.1:8001
BalancerMember http://127.0.0.1:8002
</Proxy>

regards

Replies (1)

RE: Preventing unauthorized access to mongrel balancermenbers - Added by Carl Nygard over 9 years ago

My first guess would be /etc/hosts.allow /etc/hosts.deny. You should be able to allow access to the port from localhost (which allows apache to proxy to mongrel) but deny access to he mongel ports from anywhere on the network.

(1-1/1)