- Original Message -
From: Riku Voipio [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, June 27, 2000 4:05 PM
Subject: [Zope] mod_rewrite rule to close managment screens from outsiders
I'm trying to deny external access to zope maintainance from elsewhere
(just for sure), with Zope behind apache. However, It
just doesn't seem work... Sure It's more apache's problem, but I guess
someone around there has a working solution?
#/IfModule
dule mod_rewrite.c
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^/Zope(.*) /usr/lib/cgi-bin/Zope/$1
[e=HTTP_CGI_AUTHORIZATION:%1,t=application/x-httpd-cgi,l]
RewriteCond %{REMOTE_ADDR} !^193\.143\.156\.(.*)
RewriteRule ^/Zope.*manage - [F]
#/IfModule
--
I didn't use , the `rewrite' module for something like this,
but I remember that the order of the rules is VERY important.
I suppose that when the first Cond is matched the last doesn't matter
So maybe is better to invert the rules...
PM
___
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )