https://bz.apache.org/bugzilla/show_bug.cgi?id=62334
--- Comment #2 from Marat Abrarov <abra...@gmail.com> --- (In reply to Christopher Schultz from comment #1) > Does IIS not already provide such a facility? It looks like you are right, and it looks logical for me to handle this stuff at web server side. I am not sure why my colleagues found just workaround with Microsoft URL Rewrite Module for IIS (see original description of this issue) - I just googled for 30 min and found below solution myself: 1. I installed "IP and Domain Restrictions" feature of IIS according to https://docs.microsoft.com/en-us/iis/configuration/system.webserver/security/ipsecurity/. 2. Then I configured delegation of this feature according to https://stackoverflow.com/questions/16220819/internal-server-error-with-web-config-ipsecurity 3. Then I changed web.config file located at the root of IIS site - added below lines at the end (ISAPI redirector status worker is mapped to /jkmanager): <location path="jkmanager"> <system.webServer> <security> <ipSecurity allowUnlisted="false"> <add ipAddress="127.0.0.1" allowed="true" /> <add ipAddress="::1" allowed="true" /> </ipSecurity> </security> </system.webServer> </location> 4. Then I restarted IIS with below PowerShell commands (not sure if this is needed, maybe just restart of site is sufficient and maybe restart is not needed at all): Stop-Service -Name "was" -Force Start-Service -Name "w3svc" This solution works for me. I'll test it sooner with larger number of scenarios (want to ensure that this solution wasn't taken in the past just because it wasn't found at that time and not because of any issues it may have) and will close this issue if no pitfalls / missing features will be found. Thank you. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
