client-ip-rule

The client-ip-rule configuration entry specifies the rules which are used to determine whether a client is allowed to connect to the server.

Syntax

client-ip-rule = [+|-]<client-ip>

Description

The rules that define whether a client or load-balancer IP address is allowed to connect to this server. If a load-balancer IP address is allowed, then the HTTP X-Forwarded-For header is trusted. The HTTP Proxy protocol is easily spoofed and not supported.

This entry can be repeated multiple times, once for each rule that is to be defined.

The client IP address of a request is evaluated against each rule in sequence until a match is found. The code (+ or -) of the matching rule then determines whether the client connection is accepted. If the client IP matches no configured rule, the client connection is accepted.

Options

+
Indicates that the client is permitted to connect.
-
Indicates that the client is not permitted to connect.
<client-ip>
The IP address of the client. This field can contain the ‘*’ and ‘?’ pattern-matching characters.

Usage

This stanza entry is optional.

Default Value

None

Example

client-ip-rule = +10.10.10.*
client-ip-rule = -*
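
The following Python sketch is an added illustration, not product code. It models the evaluation order described above (first matching rule decides, no match means accept) to show why the trailing -* rule and the rule order matter. The function names, the sample addresses and the exact wildcard semantics are assumptions.

```python
import re

def parse_rules(config_text):
    """Return [(allow, compiled_regex, raw_pattern)] in configuration order."""
    rules = []
    for line in config_text.splitlines():
        key, sep, value = line.partition("=")
        if not sep or key.strip() != "client-ip-rule":
            continue
        value = value.strip()
        # Assumption: every rule carries an explicit + or - prefix.
        if not value or value[0] not in "+-":
            raise ValueError(f"rule must start with + or -: {line!r}")
        pattern = value[1:].strip()
        # Assumption: '*' matches any run of characters, '?' exactly one.
        regex = "".join(".*" if c == "*" else "." if c == "?" else re.escape(c)
                        for c in pattern)
        rules.append((value[0] == "+", re.compile(regex), pattern))
    return rules

def is_allowed(rules, client_ip):
    """First matching rule decides; no match means the connection is accepted."""
    for allow, regex, _ in rules:
        if regex.fullmatch(client_ip):
            return allow
    return True

def has_catch_all_deny(rules):
    """True when the last rule is '-*', so unmatched clients are rejected."""
    return bool(rules) and not rules[-1][0] and rules[-1][2] == "*"

# Constructed sample configurations (the first is the example from this page).
PAGE_EXAMPLE = "client-ip-rule = +10.10.10.*\nclient-ip-rule = -*\n"
NO_CATCH_ALL = "client-ip-rule = +10.10.10.*\n"
WRONG_ORDER = "client-ip-rule = -*\nclient-ip-rule = +10.10.10.*\n"

if __name__ == "__main__":
    for name, text in [("page example", PAGE_EXAMPLE),
                       ("no catch-all", NO_CATCH_ALL),
                       ("wrong order", WRONG_ORDER)]:
        rules = parse_rules(text)
        verdicts = {ip: is_allowed(rules, ip) for ip in ("10.10.10.7", "192.0.2.44")}
        print(name, verdicts, "catch-all deny:", has_catch_all_deny(rules))
```

Without the final -* rule, an address outside 10.10.10.* is accepted by default. With -* placed first, every client is rejected before the allow rule is reached.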