AJP 1.3 Connector listens on port 8009 globally, why and how to turn it off?

Question

I set up a Tomcat 6 with an Apache 2 and mod_proxy. Now I have this default value in my server.xml:

<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

netstat looks like this:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      4703/apache2    
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1020/sshd       
tcp        0      0 127.0.0.1:8005          0.0.0.0:*               LISTEN      10517/java      
tcp        0      0 0.0.0.0:8009            0.0.0.0:*               LISTEN      10517/java      
tcp        0      0 127.0.0.1:8009          127.0.0.1:48704         ESTABLISHED 10517/java      
tcp        0      0 127.0.0.1:48704         127.0.0.1:8009          ESTABLISHED 11696/apache2   

My question's now, is there a necessarity for AJP to listen on port 8009 globally, I don't think so?! And how to turn it off?

Answer 1

You can comment out this connector from server.xml. It is used by mod_jk, mod_proxy does not need this port (it uses standard HTTP Tomcat connector, 8080 port by default).However, mod_jk is sometimes preferred over mod_proxy.