Miguel Enrique Cobá Martínez schrieb:
Thank for your help.
I think that Magma doesn't have this functionality (yet). But you could work around the problem in the OS layer, that is, you can use a firewall that filters IP for you. At least this would let you work until magma can filter source IP from clients.
That's what I'm doing right now. However we plan to seperate the seaside frontends from the magma backend(s). The current idea is to run the seaside frontends on dynamically allocated amazon EC2 instances - so we won't know the allowed IP. Maybe I have to patch our iptables script to include the EC2 instance IP dynamically.
BTW, the IP can be faked, without your server noticing it. The right way to filter clients it is using client certificates.
The word "security" seems to open a whole can of problems :-)
Thanks.
CU,
Udo