----- Original Message -----
From: Riku Voipio <[EMAIL PROTECTED]>
Sent: Tuesday, June 27, 2000 4:05 PM
Subject: [Zope] mod_rewrite rule to close managment screens from outsiders

> I'm trying to deny external access to zope maintainance from elsewhere
> (just for  sure), with Zope behind apache. However, It
> just doesn't seem work... Sure It's more apache's problem, but I guess
> someone around there has a working solution?
> #</IfModule>
> dule mod_rewrite.c>
> RewriteEngine on
> RewriteCond %{HTTP:Authorization}  ^(.*)
> RewriteRule ^/Zope(.*) /usr/lib/cgi-bin/Zope/$1
> RewriteCond %{REMOTE_ADDR} !^193\.143\.156\.(.*)
> RewriteRule ^/Zope.*manage - [F]
> #</IfModule>
> --

I didn't use ,  the `rewrite' module for something like this,
but I remember that the order of the rules is VERY important.
I suppose that when the first Cond is matched the last doesn't matter

So maybe is better to invert the rules...


Zope maillist  -  [EMAIL PROTECTED]
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-dev )

Reply via email to