I have an application running on Tomcat and listening on port 8080. I made the redirect changes on the Apache level (httpd) to provide my users with the ability to only type http://app instead of http://app:8080.
Now I want to block access completely to http://app:8080, so users won't be able to reach http://app:8080.
How do I do that?
Access the Apache Tomcat console by browsing to http://localhost:8080/ (if installed as a non-root user) or http://localhost/ (if installed as the root user).
To access the server, use its external IP address (found on the hands-on lab overview page) in the URL bar of a web browser, then append :8080 to it. Test to ensure you are unable to access the Host Manager App on the Tomcat GUI. Note: Tomcat is installed under /usr/local/tomcat9.
Just for completeness, you might want to configure the AJP Connector in a similar way or disable it in server.xml.
You can block a port using iptables, which is quite secure considering it's on OS level:
iptables -A INPUT -p tcp --dport 8080 -j DROP
Or you can comment out the 8080 connector in tomcat’s configuration (in server.xml):
<!--
<Connector port="8080" …
/>
-->
Or you can just limit access to localhost (in case you want to use the manager app, etc.):
<Connector port="8080" address="127.0.0.1" maxHttpHeaderSize="8192" />
(don’t forget to restart tomcat afterwards).