I'm running Solr on Tomcat 8 on a Windows Server 2008 and I want to complete restrict all access to both except local. I've tried adding address attributes to <connector/> tags in the server.xml file and a couple of other things, but I noticed in each case the problem described was limiting access to a particular area, whereas I want a complete block. What is the correct (e.g. deepest/highest) place to set this access restriction within Tomcat?