K
K
KhanTengri2010-10-13 10:05:59
Java
KhanTengri, 2010-10-13 10:05:59

How to prevent Tomcat from being called bypassing the Apache HTTP server that precedes it?

It is set like this: the Apache server sits on the 80th port and, when *.jsp is requested, redirects via mod_jk to Tomcat, which is on 8080. And everything works fine, but the question is, what about port 8080 on which Tomcat is spinning? After all, someone can type example.com:8080 instead of example.com and thus bypass Apache! I mean intentional actions of the user.
Just changing the port to some other, I think is not an option.

Answer the question

In order to leave comments, you need to log in

2 answer(s)
S
Sergey, 2010-10-13
@KhanTengri

http://tomcat.apache.org/tomcat-5.5-doc/config/http.html
Your directive: address
Set it to 127.0.0.1 and you'll be fine.

L
lugansk, 2010-10-13
@lugansk

Restrict access to port 8080 by the ip of the server on which Apache is installed, if everything is on the same machine, block the 8080th port for access from the world.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question