[mapserver-users] ows_denied_ip_list is working ?
Lime, Steve D (MNIT)
steve.lime at state.mn.us
Wed Jul 31 14:50:32 PDT 2019
Hi Andrea: I just tested with MapServer 6.4 and 7.4 and it works as expected, at least with WMS GetMap requests. My process was:
1. Make a WMS request and check the logs to confirm the IP I was showing up as.
2. Edit the mapfile and add “ows_denied_ip_list” “my IP” to the WEB METADATA section.
3. Perform the same WMS request in the browser – result was a WMS exception.
4. Edit the mapfile and change the ip slightly so it shouldn’t match but leaving the directive in place.
5. Perform the same WMS request in the browser – result was a PNG image.
I did tried multiple IPs in the list, with and without my IP and everything worked as expected. I did not try using an external file. I did notice with my IP in the list a GetMap request was blocked, a GetCapabilities request was not. I didn’t try a GetFeature… request.
Makes me wonder if you have the right IP for your test setup?
--Steve
From: Andrea Peri [mailto:aperi2007 at gmail.com]
Sent: Tuesday, July 30, 2019 2:30 PM
To: Lime, Steve D (MNIT) <steve.lime at state.mn.us>; mapserver-users at lists.osgeo.org
Subject: Re: [mapserver-users] ows_denied_ip_list is working ?
Hi,
I was using a compiled version from a recent clone of master .
I try to apply ot to WEB-> METADATA section section using this kind of values:
I try to use a list of IP directly listed using a space as separator
"ows_denied_ip_list" "xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy zzz.zzz.zzz.zzz"
or using a file where there is the same list one IP for line
"ows_denied_ip_list" "file:/path-to-file/file-with-ip-list.txt"
The values listed are the possibly values of our proxy.
So I guess setting them as denied IP mapserver should refuse to give a map to every client wms using them.
Instead the map are still showed.
I'm using QGIS as wms client to test it.
A.
Il mar 30 lug 2019, 04:21 Lime, Steve D (MNIT) <steve.lime at state.mn.us<mailto:steve.lime at state.mn.us>> ha scritto:
I will test and reply back. What specific version, config and tests did you try on your end?
________________________________
From: mapserver-users <mapserver-users-bounces at lists.osgeo.org<mailto:mapserver-users-bounces at lists.osgeo.org>> on behalf of Andrea Peri <aperi2007 at gmail.com<mailto:aperi2007 at gmail.com>>
Sent: Saturday, July 27, 2019 9:02:07 AM
To: mapserver-users at lists.osgeo.org<mailto:mapserver-users at lists.osgeo.org> <mapserver-users at lists.osgeo.org<mailto:mapserver-users at lists.osgeo.org>>
Subject: [mapserver-users] ows_denied_ip_list is working ?
Hi,
I see my version of mapserver don't work the ows_denied_ip_list.
I see ths other mex:
http://osgeo-org.1560.x6.nabble.com/ows-allowed-ip-list-ows-denied-ip-list-not-working-td5202667.html<https://gcc01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fosgeo-org.1560.x6.nabble.com%2Fows-allowed-ip-list-ows-denied-ip-list-not-working-td5202667.html&data=02%7C01%7CSteve.Lime%40state.mn.us%7Ca2bef76fd62f471db1e608d715245908%7Ceb14b04624c445198f26b89c2159828c%7C0%7C0%7C637001118169695729&sdata=PWJxX4BJMhOodJ7FadppgR%2F3XAk9lLW%2FHJadeWehSRQ%3D&reserved=0>
I try all the same option but nothing is work.
So I guess that instead that the ows_denied_ip_list was dismissed.
Is this confirmed ?
Thx.
A.
--
-----------------
Andrea Peri
. . . . . . . . .
qwerty àèìòù
-----------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/mapserver-users/attachments/20190731/320bf754/attachment-0001.html>
More information about the mapserver-users
mailing list