I wanted to setup a confluence for me and some limited organization, but confluence does not have that feature at the moment, and I was able to make it by modifying server.xml.

In that case, you can allow access to only certain IP Addresses by adding following line in server.xml:

<Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1|192.168.10.*|116.112.149.2"/>


The list of allowed IP addresses is a '|' seperated list. Wildcards are permitted in the list of IP addresses. Any IP which isn't included in this list will no longer be able to access Confluence.

The following is an example server.xml after adding the above line:

<Server port="8000" shutdown="SHUTDOWN" debug="0">
    <Service name="Tomcat-Standalone">
        <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" port="8090" minProcessors="5"
                   maxProcessors="75"
                   enableLookups="false" redirectPort="8443" acceptCount="10" debug="0" connectionTimeout="20000"
                   useURIValidationHack="false" URIEncoding="UTF-8"/>
        <Engine name="Standalone" defaultHost="localhost" debug="0">
            <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="false" startStopThreads="4">
                <Context path="" docBase="../confluence" debug="0" reloadable="false" useHttpOnly="true">
                    <!-- Logging configuration for Confluence is specified in confluence/WEB-INF/classes/log4j.properties -->
                    <Manager pathname=""/>
                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60"/>
                </Context>
                <Context path="${confluence.context.path}/synchrony-proxy" docBase="../synchrony-proxy" debug="0"
                         reloadable="false" useHttpOnly="true">
                    <Valve className="org.apache.catalina.valves.StuckThreadDetectionValve" threshold="60"/>
                </Context>
                <Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="127.0.0.1|192.168.10.*|116.112.149.2"/>
            </Host>
        </Engine>
    </Service>
</Server>

Note

  • If you're clients are using DHCP, your Confluence might be inaccessible due to the changes in the IP Address.
  • For more information, please refer the Apache Tomcat Documentation.