Restricting web application access to selected machines

Question

I want to host a web based OpenERP application in a VPS Ubuntu 12.04 OS application. Can I restrict the application access to only assigned machines? In other words, I have 2 offices, and I need to restrict my employees from accessing this application only from office, but not from their home or outside in order to prevent losing my customer data.

I think host-deny and host-allow might be able to work. But I think we need static IP address for the same. I am not sure above solution. Basically I am looking for a solution without using static IP address.

Why are you even exposing it to the internet if you only want it accessible to the LAN? — jordanm, Jan 04 '14 at 05:14

score 0 · Answer 1 · answered Jan 04 '14 at 05:57

0

Your internal LAN should be set up with static IP addresses. If your office computers, for example, all use the 192.168.0.0/16 subnet, you can, with Apache 2.4, use the following configuration in the <Location> or <Directory> stanza:

Require ip 192.168.0.0/16

Or, with apache 2.2

Order deny,allow
Deny from all
Allow from 192.168.0.0/16

answered Jan 04 '14 at 05:57

DopeGhoti

73,792
8
97
133

Hi DopeGhoti, Thanks a lot. I am little new bie with apache here. Can you please guide me in identifying the file in which I should update with above commands? – Fayaz Jan 06 '14 at 17:25
It depends on where you have your `VirtualHost`s or `Host`s configured. Some people dump everything into `/etc/httpd/httpd.conf`; others put each site's configurations into files in `/etc/httpd.d/`; there are other paradigms as well. The first place I'd look is for any `Include` directives in the `httpd.conf` file, which will show the locations and names of any configuration files that are being incorporated from there. – DopeGhoti Jan 06 '14 at 17:39

Restricting web application access to selected machines

1 Answers1