/railo-context/admin path

[Jay]

is it possible to change the admin path from /railo-context/admin/
server.cfm to something else?

seems like a security risk to me that the admin is accessible at a
well known public location.

[Todd Rafferty]

I use mod_rewrite to block the admin.

--
~Todd Rafferty
Volunteer Community Manager
Railo Server - Open Source
----

Get Railo: http://getrailo.org/
Write Documentation: http://wiki.getrailo.org/

Report Bugs: https://issues.jboss.org/browse/RAILO
Request Features: https://railo.uservoice.com/

[Sean Corfield]

No more or less than ACF using /CFIDE/administrator/ - URL rewriting
is one option.
--
Sean A Corfield -- (904) 302-SEAN
An Architect's View -- http://corfield.org/
World Singles, LLC. -- http://worldsingles.com/
Railo Technologies, Inc. -- http://www.getrailo.com/

"Perfection is the enemy of the good."
-- Gustave Flaubert, French realist novelist (1821-1880)

[Jay]

true.  I don't like it much on ACF either.

[Michael Offner]

You can do that, but make sure do not change /Railo-context/ itself.
In Railo admin do a mapping for /railo-context/admin/ that Points to a directory with a empty Index.cfm.
Then do a mapping that points to the same location the regular Railo-context mapping does.

/micha

Vo mim iPad gschickt

[Jay]

I must be doing something wrong.  I tried to add the first mapping through the Railo admin and got an error (which makes sense) that the file is not found.  here are the steps I took:

1) created a folder E:\Websites\Empty and placed an empty index.cfm in it

2) added mapping that added the following to railo-server.xml:

  <mapping physical="E:\Websites\Empty" primary="physical" toplevel="true" trusted="false" virtual="/railo-context/admin"/>

tried to add the next mapping to railo-server.xml but got stumped there.  not sure what or how.

Jay

[Robert Zehnder]

Are you running anything in front of Tomcat (Apache/IIS) or just using Tomcat as the web server?  This would help give you the best answer because each is a little different.

[Jay]

I have Tomcat 7 at the front;  no web server before it.

[Robert Zehnder]

IMO, the easiest way to do it would be with a rewrite filter.  I usually do this with Apache and mod_rewrite, like Todd noted above.  You can get rewriting working with Tomcat with the tuckey rewrite filter: http://www.tuckey.org/urlrewrite/

I have not used it before, but here is an example of how I have it setup in Apache.  It should be fairly easy to find a comparable example with the tuckey rewrite engine.

        RewriteRule ^/railo-context/admin/(.*) - [F]

        RewriteRule ^/somereallylongdirectorysomeoneprobablycouldnotguess/(.*) /railo-context/admin/$1 [PT]

The first line stops anyone trying to access the admin through the usual directory.

The second line sets up a rewrite rule that will then take you to your web/server context admin.

http://host/somereallylongdirectorysomeoneprobablycouldnotguess/web.cfm

[Jay]

if there's no other choice -- I'll take this approach.  I don't currently have the url rewriter filter installed and I rather not install it just for that.

according to Micha this can be done in a simpler manner by using mappings so I will try to get that method to work first.

[Bilal]

Jay,
If you front-end tomcat with IIS you can use the connector I just put
out in beta:
(http://tomcatiis.riaforge.org/)
It provides a simple option to block admin acess to railo and tomcat
admin pages from remote hosts.