You can edit the scrapyd settings and put the following configuration in the ~ / .scrapyd.conf file:
bind_address = 127.0.0.1
This will make the server only be able to be used by processes running on it.
If you wish to password protect, you can also use the apache server as a proxy and add basic authentication. Abaxio follows an example of a virtual host:
<VirtualHost *:80>
ServerName yourserver
DocumentRoot /var/www/service-status
<Directory /var/www/service-status/>
Require valid-user
Order allow,deny
Allow from all
AuthType Basic
AuthName "Protected"
AuthUserFile /var/www/service-status/.htpasswd
</Directory>
<Location /api/>
ProxyPass http://127.0.0.1:40500/
ProxyPassReverse http://127.0.0.1:40500/
</Location>
<Proxy *>
Require valid-user
AuthType Basic
AuthName "Protected"
AuthUserFile /var/www/service-status/.htpasswd
</Proxy>
RewriteEngine on
RewriteRule ^/?api$ /api/ [QSA,L,R]
RewriteRule ^/?jobs(.*) /api/jobs$1 [QSA,L,R]
RewriteRule ^/?logs(.*) /api/logs$1 [QSA,L,R]
RewriteRule ^/?items(.*) /api/items$1 [QSA,L,R]
</VirtualHost>
In the example above, the API commands would be available at link
The .htpasswd file needs to be created for the virtualserver to work.