tomcat若前面有proxy,但又有阻擋ip的需求,可以如下設定
(假設ip放在X-Forwarded-For裡):
<Valve className="org.apache.catalina.valves.RemoteIpValve"
remoteIpHeader="X-Forwarded-For"
requestAttributesEnabled="true" />
<Valve className="org.apache.catalina.valves.RemoteAddrValve"
deny="1\.2\.3\.\d+|5\.5\.\d+\.\d+" />
REF:
https://tomcat.apache.org/tomcat-8.0-doc/config/valve.html#Proxies_Support
https://stackoverflow.com/questions/33495416/restrict-access-to-tomcat-manager-by-ip