...

...

Block access to the public

...

API calls.

Open the Apache configuration file and add the code snippet below. This configuration is an example that blocks access to the public institute and sites API calls.

<VirtualHost *:80>
  ServerName <domain name>
  ProxyPass / ajp://localhost:8009/openspecimen/
  ProxyPassReverse / ajp://localhost:8009/openspecimen/
  
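  RewriteEngine On
  # A non-empty X-OS-API-TOKEN header skips the next two rules;
  # without it, the institutes and sites endpoints return 403.
  RewriteCond %{HTTP:X-OS-API-TOKEN} !^$
  RewriteRule .? - [S=2]
  RewriteRule ^/rest/ng/institutes - [F]
  RewriteRule ^/rest/ng/sites - [F]

  # Same pattern for the cookie: a Cookie header that begins with
  # osAuthToken skips the next two rules; otherwise they return 403.
  RewriteCond %{HTTP:Cookie} ^osAuthToken
  RewriteRule .? - [S=2]
  RewriteRule ^/rest/ng/institutes - [F]
  RewriteRule ^/rest/ng/sites - [F]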
  
  ...
  ...
</VirtualHost>

Block all the URLs except the specimen catalog URL.

<VirtualHost *:80>
  ServerName <domain name>
  ProxyPass / ajp://localhost:8009/openspecimen/
  ProxyPassReverse / ajp://localhost:8009/openspecimen/
  .......
  .......

  RewriteEngine On
  # Static UI resources: stop rule processing and let the request through.
  RewriteRule ^/fonts/ - [L]
  RewriteRule ^/styles/ - [L]
  RewriteRule ^/images/ - [L]
  RewriteRule ^/modules/ - [L]
  RewriteRule ^/plugin-ui-resources/ - [L]
  # Allowlisted REST endpoints.
  RewriteRule ^/rest/ng/(specimen-catalogs|user-otp-details|external-dashboards|config-settings) - [L]
  # Every other REST call returns 403.
  RewriteRule ^/rest/ng/.*$ - [F]
</VirtualHost>
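
The Python model below is an added example, not part of the original page or of OpenSpecimen. It reproduces only the [S=n], [F] and [L] flags as the two rule sets above use them, so the outcome of each set can be checked against constructed requests. The header values are placeholders, and header names are looked up case-sensitively for simplicity.

```python
import re

# Conditions mirror the page's RewriteCond lines; both test presence only,
# they do not validate the token value.
def has_token(h):   # %{HTTP:X-OS-API-TOKEN} !^$
    return h.get("X-OS-API-TOKEN", "") != ""

def has_cookie(h):  # %{HTTP:Cookie} ^osAuthToken
    return re.search(r"^osAuthToken", h.get("Cookie", "")) is not None

# (URL-path regex, flag, condition) in the order the rules appear on the page.
PUBLIC_API_RULES = [
    (r".?", "S=2", has_token),
    (r"^/rest/ng/institutes", "F", None),
    (r"^/rest/ng/sites", "F", None),
    (r".?", "S=2", has_cookie),
    (r"^/rest/ng/institutes", "F", None),
    (r"^/rest/ng/sites", "F", None),
]
CATALOG_ONLY_RULES = [(p, "L", None) for p in (
    r"^/fonts/", r"^/styles/", r"^/images/", r"^/modules/",
    r"^/plugin-ui-resources/",
    r"^/rest/ng/(specimen-catalogs|user-otp-details|external-dashboards|config-settings)",
)] + [(r"^/rest/ng/.*$", "F", None)]

def evaluate(rules, path, headers=None):
    """Return 'forbidden' (403 from [F]) or 'proxied' (request reaches ProxyPass)."""
    headers = headers or {}
    i = 0
    while i < len(rules):
        pattern, flag, cond = rules[i]
        i += 1
        if not re.search(pattern, path) or (cond and not cond(headers)):
            continue                      # rule did not match, try the next one
        if flag == "F":
            return "forbidden"            # [F] ends processing with 403
        if flag == "L":
            return "proxied"              # [L] ends processing, request allowed
        i += int(flag[2:])                # [S=n] skips the next n rules
    return "proxied"

# Constructed sample requests (token and cookie values are placeholders).
TOKEN = {"X-OS-API-TOKEN": "placeholder"}
COOKIE = {"Cookie": "osAuthToken=placeholder"}
if __name__ == "__main__":
    for hdrs in ({}, TOKEN, COOKIE, {**TOKEN, **COOKIE}):
        print(sorted(hdrs), evaluate(PUBLIC_API_RULES, "/rest/ng/sites", hdrs))
```

Run against the first rule set, the model shows that institutes and sites requests are proxied only when the token header is non-empty and the Cookie header begins with osAuthToken; either one alone still ends in a 403.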

...