Restrict access for tomcat application server from IP or hosts

To restrict access to a standalone Tomcat instance by IP address
<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1"/>
The above will restrict access to the surrounding Engine, Host, or Context element inTOMCAT_HOME/conf/server.xml. You may also specify a comma separated list of IP addresses instead of a single address. If you want to deny access to one or more IP addresses, you would do something like this:
<Valve className="org.apache.catalina.valves.RemoteAddrValve" deny="127.0.0.1"/>
To restrict by host name:
<Valve className="org.apache.catalina.valves.RemoteHostValve" allow="yahoo.com"/>
You use the same allow or deny attributes and the RemoteHostValve class instead of RemoteAddrValve.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.