I currently have a CSM website (xyz.com) that resides at my web hosting, and an OM installation on a VPS (server.xyz.com - via A record) not on the same servers. My question: is there a way to stop direct access to server.xyz.com and only allow access if the request comes from xyz.com? Since this is based off Tomcat, I have not been successful in finding a way to stop direct access.

I have "slowed" it down by changing the internal name (originally server.xyz.com redirected you to server.xyz.com/openmeetings; now the site is server.xyz.com/newname). This causes anyone going directly to server.xyz.com to get a 404 error due to openmeetings no longer being the name, but once a user successfully goes through the CSM site and knows the location of the OM installation, they just use the direct name instead of signing into the CSM site, thus not logging them as a visit.

Was not sure if anyone had run across this type of setup before and had a fix/workaround that can be implemented to only allow access to the OM installation if the link was from xyz.com.

Thank you

