Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Prevent Jenkins access on port 8080

I have a bare-bones install of jenkins on my Ubuntu server that I installed using just sudo apt-get install jenkins, as a result, jenkins is now accessible from all the domains that point to my box by simply adding :8080 on the the URL.

I have successfully configured apache to proxy jenkins to I can access it from ci.mydomain.com, but I cannot work out how to prevent jenkins from being accessible on port 8080.

Here is my apache conf:

<VirtualHost xx.xx.xx.xx:80>
    ServerAdmin [email protected]
    ServerName ci.mydomain.com

    ProxyPass         /  http://localhost:8080/
    ProxyPassReverse  /  http://localhost:8080/
    ProxyRequests     Off

    <Proxy http://localhost:8080/*>
        Order deny,allow
        Allow from all
    </Proxy>
</VirtualHost>

I've followed the Ubuntu instructions here, but they didn't seem to have any effect.

like image 955
Dunhamzzz Avatar asked Jun 28 '12 21:06

Dunhamzzz


People also ask

How do I disable Jenkins on port 8080?

The default is port 8080. To disable (because you're using https), use port -1 . This option does not impact the root URL being generated within Jenkins logic (UI, inbound agent files, etc.). It is defined by the Jenkins URL specified in the global configuration.

How do I run Jenkins on different port rather than 8080?

Open the file using a text editor such as Notepad or Notepad++. Scroll down until you find the line that contains --httpPort=8080 and change the number to the port you want to set. Note: If you are using HTTPS with Jenkins, use java -jar jenkins. war --httpsPort=[port number] to change the port in the command prompt.

What ports need to be open for Jenkins?

The default Jenkins installation runs on ports 8080 and 8443. Typically, HTTP/HTTPS servers run on ports 80 and 443, respectively.


1 Answers

You can use iptables since it's Ubuntu, to block all non-local access to port 8080.

iptables -A INPUT -p tcp --dport 8080 -s localhost -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j DROP
like image 189
ionFish Avatar answered Oct 16 '22 23:10

ionFish