 |
|
茫茫網海中的冷日
發生過的事,不可能遺忘,只是想不起來而已! |
|
|
恭喜您是本站第 1671031
位訪客!
登入 | 註冊
|
|
|
|
| 發表者 |
討論內容 |
冷日
(冷日) |
發表時間:2016/9/16 8:46 |
- Webmaster
- 註冊日: 2008/2/19
- 來自:
- 發表數: 15771
|
- [轉貼]Tomcat listen only on localhost
- Tomcat listen only on localhost
We want to run servlets on Tomcat and serve them via Apache using the proxy_ajp connector.
On the standard installation, Tomcat was listening on port 8080, which was not blocked by a firewall. This means a servlet was not only accessible via Apache on port 80:
http://www.example.com/servlet
But also via Tomcat on port 8080:
http://www.example.com:8080/servlet
To ensure the only way in to our servlets is via apache, you can try the following fix:
In the Tomcat server.xml add the attribute ‘address=”127.0.0.1″‘ to the HTTP and AJP connectors. This makes Tomcat listen only on the localhost.
Examples:
<Connector address="127.0.0.1" port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
<Connector address="127.0.0.1" port="8009" protocol="AJP/1.3" redirectPort="8443" />
Then in your apache config, ensure that your proxy_ajp is connecting on localhost.
ProxyPass /my_servlet ajp://localhost:8009/my_servlet
ProxyPassReverse /my_servlet ajp://localhost:8009/my_servlet
冷日:
先上這個範例,他是教你如何讓 Tomcat 只 Listen localhost!
因為他要讓前端交給 Apache 來處理,畢竟大多數時候我們還是比較信任 Apache 及 80 Port!
原文出處: Tomcat listen only on localhost » Computational Geoscience Rant
|
|
|
討論串
|
[轉貼]Tomcat listen only on localhost (冷日