In many cases it is necessary to lock webserver to specified domain or IP to lower attacks or just to lock subserver to its parent. In such case the value of header Host: ***** of initial HTTP request will be checked against allowed list of http hosts.


To use that feature do also following:

1. open with notepad *\Clients\webserver\settings.bin

2. and add as last line
allowed_http_hosts=|tsplus.company.com|
or
allowed_http_hosts=|tsplus.company.com|your.host.com|
or
allowed_http_hosts=|tsplus.company.com|your.host.com|22.33.77.88|
and so on.

3. restart HTML5 instance in AdminTool GUI to take changes effect.

In example above, if it was locked to tsplus.company.com then you can navigate your webserver only by domain or IP you provided in allowed_http_hosts like http://tsplus.company.com or when IP was used then https://22.33.77.88 etc.

Additionally it may give you advanced security level if you add this option on all your subservers that you navigate by reverse proxy style like https://tsplus.company.com/~~srv1/ 

In such case the settings.bin file must be adapted directly on subserver additionally to gateway, also on both instances - gateway and subserver - same setting value.


Important notice: for internal purposes intranet hosts with Host: **** header containing intranet IP or localhost are still allowed and can't be affected by allowed_http_hosts=***.

http(s)://localhost

http(s)://127.*

http(s)://10.*

http(s)://192.168.*

http(s)://169.254.*

http(s)://172.16-31.*