stackoom
  简体   繁体   中英

Apache, Tomcat and mod proxy http set up

 原文  2011-12-08 09:49:22       java/ security/ apache/ tomcat/ ubuntu

Question

I am running a web application on Tomcat (port 8080) with Apache (port 80) in front (on Ubuntu) using mod-proxy_http as the connector. The app is available through port 80 but also through port 8080. This is actually quite useful (when deploying/testing).

Are there are any particular disadvantages/vulnerabilities with keeping port 8080 open in this way?

1 answers

solution1
 2 ACCPTED  2011-12-08 10:34:22

My opinion is that you should close 8080 port, or at least allow it for certain host/IP. Less open ports, less problems. Opening port 8080 could let attacker to have more entry points (80 and 8080, using different technologies) and exploit different techniques. Also HTTPd server has much better security modules.

Have you consider using mod_ajp_proxy?

Hope this helps.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Bad Gateway 502 error with Apache mod_proxy and Tomcat Error with an Apache in front of Tomcat using AJP connector and mod_proxy Set up proxy for Java app deployed in tomcat 8 Sending redirect in Tomcat web application behind a Apache 2 proxy (mod_proxy) Simple proxy Apache - Tomcat Websocket with apache mod_proxy_wstunnel to tomcat with javax.servlet.request.X509Certificate Host Tomcat7 WebApp on domain behind Apache2 with mod_proxy Proxy chaining in Apache HTTP How to set global http proxy settings for apache HttpClient Set up redirects with Apache Server for a website running in Tomcat
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM