Securring a rails app deployed with passenger

Hi guys,

I want my rails app to be accessible from certain IPs only. I tried to
archieve this the way I was used to it in the PHP-world (in apache
vhost-setup):

<VirtualHost *:80>
ServerName my.domain.com
DocumentRoot /home/todo/public
RailsEnv production

deny from all
#allow from 1.1.1.1 #ip1
#allow from 2.2.2.2 #ip2

All static files (css, js and so on) are prohibited for unknown IP as
they should, but my.domain.com/ is not! Rails just servers the HTML to
all visitors.

What can I do to restrict my site certain IPs?

Thanks!

I’m not an apache expert but I’m pretty sure that
directive should say <Directory /home/todo/public>

On May 6, 1:35 am, Rasmus N. [email protected]

You must write allow directive into Proxy definition too.
Put your absolute path into Directory definition (as said Ivan).

Regards!
Rasmus N. escribió:

    <Directory />

What can I do to restrict my site certain IPs?

Thanks!


Rafael Garcia Ortega

On Mon, 2008-05-05 at 17:35 +0200, Rasmus N. wrote:

All static files (css, js and so on) are prohibited for unknown IP as
they should, but my.domain.com/ is not! Rails just servers the HTML to
all visitors.

What can I do to restrict my site certain IPs?

Hi Rasmus,

That Directory section should be a Location section. This is necessary
with the normal Apache proxying too as Apache isn’t technically
accessing that directory, your Rails app is.

John.


http://www.brightbox.co.uk - UK Ruby on Rails hosting