<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1"/>
The above will restrict access to the surrounding Engine, Host, or Context element in
TOMCAT_HOME/conf/server.xml
. You may also specify a comma separated list of IP addresses instead of a single address.
If you want to deny access to one or more IP addresses, you would do something like this:
<Valve className="org.apache.catalina.valves.RemoteAddrValve" deny="127.0.0.1"/>
To restrict by host name:
<Valve className="org.apache.catalina.valves.RemoteHostValve" allow="yahoo.com"/>
You use the same allow or deny attributes and the RemoteHostValve class instead of RemoteAddrValve.