Deny Inbound Requests from Specified Hosts (Allow All Others)
The following procedure describes how to change the IP access settings for an individual port to Deny by Default and allow some hosts.
With this setting in effect, the server allows most hosts and denies some through this port.
To deny inbound requests from only specified hosts
1. Open the Integration Server Administrator if it is not already open.
2. In the Security menu of the Navigation panel, click Ports.
3. Locate the port in the Port List and click the Allow or Deny link in the IP Access column.
4. Click Change IP Access Mode to Allow by Default.
5. Click Add Hosts to Deny List.
6. Specify the host names or IP addresses of hosts from which the server is to deny inbound requests (e.g., workstation5.webmethods.com). Separate your entries with commas, for example: *.denyme.com, *.denyme2.com.
The host names or IP addresses can include upper and lower case alphabetic characters, digits (0-9), hyphens (-), and periods (.) and cannot include spaces. For IPv6, IP addresses can also include colons (:) and brackets ([]).
Avoid using the fully qualified domain name of the host. Integration Server resolves incoming host names to the simple host name and then compares the simple host name to the fully qualified domain name in the deny list. The names will not match and Integration Server will conclude that the request should be allowed. To work around this, you can use the * wildcard at the end of the simple host name. Alternatively, use the IP address.
You can use the following pattern-matching characters to identify several clients with similar host names or IP addresses.
Char | Description | Example |
* | Matches any number of characters | r*.webmethods.com |
? | Matches any single character | workstation?.webmethods.com |
7. Click Add Hosts.