對這文章發表回應
發表限制: 非會員 可以發表
發表者: 冷日 發表時間: 2016/9/16 8:46:04
Tomcat listen only on localhost
We want to run servlets on Tomcat and serve them via Apache using the proxy_ajp connector.
On the standard installation, Tomcat was listening on port 8080, which was not blocked by a firewall. This means a servlet was not only accessible via Apache on port 80:
But also via Tomcat on port 8080:
To ensure the only way in to our servlets is via apache, you can try the following fix:
In the Tomcat server.xml add the attribute ‘address=”127.0.0.1″‘ to the HTTP and AJP connectors. This makes Tomcat listen only on the localhost.
Examples:
Then in your apache config, ensure that your proxy_ajp is connecting on localhost.
冷日:
先上這個範例,他是教你如何讓 Tomcat 只 Listen localhost!
因為他要讓前端交給 Apache 來處理,畢竟大多數時候我們還是比較信任 Apache 及 80 Port!
原文出處: Tomcat listen only on localhost » Computational Geoscience Rant
We want to run servlets on Tomcat and serve them via Apache using the proxy_ajp connector.
On the standard installation, Tomcat was listening on port 8080, which was not blocked by a firewall. This means a servlet was not only accessible via Apache on port 80:
http://www.example.com/servlet
But also via Tomcat on port 8080:
http://www.example.com:8080/servlet
To ensure the only way in to our servlets is via apache, you can try the following fix:
In the Tomcat server.xml add the attribute ‘address=”127.0.0.1″‘ to the HTTP and AJP connectors. This makes Tomcat listen only on the localhost.
Examples:
<Connector address="127.0.0.1" port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
<Connector address="127.0.0.1" port="8009" protocol="AJP/1.3" redirectPort="8443" />
Then in your apache config, ensure that your proxy_ajp is connecting on localhost.
ProxyPass /my_servlet ajp://localhost:8009/my_servlet
ProxyPassReverse /my_servlet ajp://localhost:8009/my_servlet
冷日:
先上這個範例,他是教你如何讓 Tomcat 只 Listen localhost!
因為他要讓前端交給 Apache 來處理,畢竟大多數時候我們還是比較信任 Apache 及 80 Port!
原文出處: Tomcat listen only on localhost » Computational Geoscience Rant