How can I restrict IP or host addresses for incoming connections in Apache Tomcat?

Solution Unverified - Updated -


  • Only certain IP address or range of IP addresses should be allowed to connect to Tomcat.
  • Is it possible to restrict the IP address in Tomcat so only IPs from specific virtual hosts are allowed access?
  • Is there any filtering mechanism in remoting subsystem where certain range of IPs are allowed to make remoting connection.
  • Is it possible to limit the access to a webapp to localhost? Tried using valve-mechanism, that applies to all webapps. Can this be done on a per-webapp basis?


  • Red Hat Enterprise Linux (RHEL)
    • 6.x
    • 7.x
  • Red Hat Enterprise Web Server (EWS)
    • 2.x
  • Red Hat JBoss Web Server (JWS)
    • 3.x
    • 5.x
  • Apache Tomcat
    • 6.x
    • 7.x
    • 8.x
    • 9.x

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In