how do you prevent user access during MSM pushes and server restarts?

How do you prevent users from accessing your production CMS when you need to do an MSM push, add a patch, or restart your production server? Are there tools in Rhythmyx to do this?

Now that we are finally live with a small portion of our website on Rhythmyx, there will be up to 100 end users who have access to edit their own pages. Contacting them all to get them to logout so I can do a push or restart is not practical. So how do I block access to the production server to get maintenance type things done?

We have an Apache reverse proxy set up which connects to the application server via an AJP port. When we want everyone locked out, we change the configuration of the Apache reverse proxy to allow the admin’s IP address and 127.0.0.1. Otherwise, we deliver an HTTP status 503 error message.

Before we implemented the Apache reverse proxy, we had a security domain defined, and we used the hostfilter.jar in order to lock down to the admin’s IP and 127.0.0.1.