Hi Yuval,
> -----Ursprüngliche Nachricht----- > Von: Yuval Schwartz [mailto:yuval.schwa...@gmail.com] > Gesendet: Freitag, 2. September 2016 13:28 > An: Tomcat Users List > Betreff: Restrict access to manager app by IP > > Tomcat: 8.0.22 > JDK: 1.8.0_05 > > Hello, > > I am currently running a web application. > > I would like to restrict access to the manager app (it is currently being hit > by spammers every so often who are unable to connect (get a message "...an > attempt was made to authenticate the locked user")). > > I was thinking of adding a "manager.xml" file to > $CATALINA_BASE/conf/[enginename]/[hostname]/ that will contain the following > context container: > > <Context privileged="true" docBase="[path_to_manager]"> <Valve > className="org.apache.catalina.valves.RemoteAddrValve" > allow="[my_ip]"/> > </Context> > > Is this the correct way to achieve my goal of limiting access to the manager > app to only my IP. > > Of course, I do not want the rest of my webapp's access limited (which is on > the ROOT path). I only want access to the manager app limited. > > (I know I can also place the context container in my webapp's > META-INF/context.xml file, is there any preference to doing this over what I > suggested above?) > > Thank you > _ > That's the proposed solution for it. I don't think that you need the docbase - unless you don't use the default location. I think you will have to quote the . in the ip with backslash, like <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="10\.100\.17\.33|10\.100\.88\.92" /> Best regards Peter