Home > Backend Development > PHP Tutorial > Disable direct access to tomcat8080 port from the external network

Disable direct access to tomcat8080 port from the external network

WBOY
Release: 2016-07-28 08:25:38
Original
1826 people have browsed it

If the project uses both nginx reverse proxy server and tomcat and other web servers, and both servers are exposed to the public network, then we usually prohibit direct access to tomcat from the external network for the following reasons:

1. If you can directly If you access tomcat, nginx will be bypassed, and nginx's static services will be invalid.

2. If the 8080 port of tomcat can access the website normally, it will cause the search engine to include web pages like http://www.xxx.com:8080, which is not conducive to SEO optimization.

Therefore, it is necessary to directly prohibit users from accessing the website through http://www.xxx.com:8080. This can be achieved by using a firewall on Linux

#启动iptables服务
service iptables start
#设置iptables服务开机启动
chkconfig iptables on 
#添加过滤规则
iptables -t filter -A INPUT -p tcp -m tcp --dport 8080 -s localhost -j ACCEPT
iptables -t filter -A INPUT -p tcp -m tcp --dport 8080 -j REJECT
Copy after login

The above has introduced the prohibition of direct access to the tomcat8080 port from the external network, including the content. I hope it will be helpful to friends who are interested in PHP tutorials.

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template