Question & Answer
Question
Is it possible to restrict access to the WebSphere Application Server administrative console to specific client IPs?
Answer
If a client has a requirement to allow access to the administrative console from only certain originating IPs, then it can be configured as follows.
- Open the Deployment Manager Console to WebSphere Application Server Network Deployment (it can be the base Application Server as well) to the following:
Servers > Application servers > server_name > Web container transport chains > WCInboundAdminSecure > TCP inbound channel
- Under General Properties, work with the following 4 fields:
- Address exclude list
- Address include list (for example, 9.X.X.75, 9.55.X.X,)
- Hostname exclude list
- Hostname include list
- Note 1: Multiple IPs or hostnames can be added in any of the preceding fields (as needed), but they need to be separated by a comma.
Note 2: In case of a Network deployment manager set up with application server nodes on a remote servers, you must also add ipaddress' of those appserver nodes to facilitate successful discovery process communication and also synchronization process.
[{"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Administrative Console (all non-scripting)","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"8.0;7.0","Edition":"Network Deployment","Line of Business":{"code":"LOB45","label":"Automation"}}]
Was this topic helpful?
Document Information
Modified date:
05 December 2019
UID
swg21328610