IP filter after setting Jenkins behind a reverse proxy

[Jean-Eric Cuendet]

I want to put Jenkins behind a reverse proxy (Apache). Then Jenkins trust the caller (the RP) and doesn't manage security itself anymore.

It works only if the only caller of Jenkins IP address wise, is the RP itself.

What's the way of coniguring Jenkins to accept connections only from some IP address and not others.

I see some ways:

- A Jenkins plugin could do that. I haven't found any.

- Jetty can do that. Is it possible to configure it fron the "java -jar " command line?

- Deploy Jenkins in a "real" Tomcat which can then be configured with a valve

What's the best way?

[Daniel Beck]

> On 14.12.2016, at 16:21, Jean-Eric Cuendet <jecu...@gmail.com> wrote:
>
> - Jetty can do that. Is it possible to configure it fron the "java -jar " command line?
>

java -jar jenkins.war --help

[Daniel Beck]

> On 14.12.2016, at 16:28, Daniel Beck <m...@beckweb.net> wrote:
>
> java -jar jenkins.war --help

Well, you can configure on which interface/port to listen, which is only good enough if the reverse proxy is on the same host and you can listen to 127.0.0.1. But combined with a firewall rule, this can give you what you want.