answer was in apache reverse proxy bit of the admin docs (yes it is a security risk if left open...) "In this example the console has been enabled just for demonstation purposes. In a production environment you will not want to have the console accessible from the other network (normally the Internet). Having the console accessible represents a big security exposure."
raxpl wrote: > > hi list > jrun docs used to recommended that web admin. access was masked off (by > using iptables/firewall to block incoming packets on that port unless from > a known ip or range of ip's (great unless you're on dynamic ip's) but the > jrun admin. was on a different port from anything else so didn't interfere > with content...this simple to achieve on geronimo ? (an xml file somewhere > ?) or just a waste of effort ? > rich > -- View this message in context: http://www.nabble.com/securing-admin-access-tf2158727.html#a6017541 Sent from the Apache Geronimo - Users forum at Nabble.com.
