Hi,
Currently, our AEM instances are public when accessed over the author domains. I am trying to use the below file on to allow access to AEM for certain IPs only
## Update /etc/httpd/conf.d/variables/ams_default.vars with setting the AUTHOR_WHITELIST_ENABLED from 0 or 1 to enable or disable ip restriction rules
<If "${AUTHOR_WHITELIST_ENABLED} == 1">
Include /etc/httpd/conf.d/whitelists/*_whitelist.rules
</If>
I am creating a new whitelist.rules file and expecting it to be picked by the vhost file. Is this the correct approach? The current file 000_base_whitelist.rules has the below default data.
## Include this in a directory context of the virtual host you want to restrict and apply a whitelist of IP's
## Here are some examples:
### Regular expressions are used for X-FORWARDED-FOR if your dispatcher is behind a load balancer
# SetEnvIf X-FORWARDED-FOR ^199\.83\.(12[8-9]|13[0-5])\.[0-9]{1,3}$ AllowIP
# SetEnvIf X-FORWARDED-FOR ^198\.143\.(3[2-9]|[4-5][0-9]|6[0-3])\.[0-9]{1,3}$ AllowIP
### Here are some rules for CIDR ip blocks and single addresses
# Allow from XXX.XXX.XX.X/XX
# Allow from XXX.XXX.XXX.XX
Order deny,allow
Deny from all
Allow from env=AllowIP
Can I get the syntax in which the filter needs to be written to allow only certain IPs to be accessible?
