Re: Tomcat 8.5 disabling port 80 listening
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Nitin, On 1/29/20 10:49 AM, Nitin Kadam wrote: > I have a tomcat 8.5 server configured in the production > environment. As per requirement, we need to disable all 80 port > listening from the application and only https (443) to be allowed. Requirements are requirements, but this one is a bad idea. https://scotthelme.co.uk/why-closing-port-80-is-bad-for-security/ > I have implemented SSL and the same is working fine. however, > still, tomcat is showing listening on 80. so can we disable > (comment ) port 80 connector from server.xml which will only allow > access to the portal with Https. > > From : connectionTimeout="2" redirectPort="443" /> To : Did you restart Tomcat? Since you are binding to port 80, I have to ask if you are running as root. If you have a "security" requirement for closing port 80, you have a MUCH MORE URGENT SECURITY REQUIREMENT TO NOT RUN AS root. - -chris -BEGIN PGP SIGNATURE- Comment: Using GnuPG with Thunderbird - https://www.enigmail.net/ iQIzBAEBCAAdFiEEMmKgYcQvxMe7tcJcHPApP6U8pFgFAl4xsUAACgkQHPApP6U8 pFgHtQ//V4JVHP14XOESIvRt6tRorkeM1j8q+7nQ55NzQPZeUqFm80b0Xgp0wgQk FbiKKKNmT93nKcGmJZzuzi9Vv67SDbxiyUztJUw6qcdfCm8tAuNgWMOwYC6alIZr CLYsJ5QJuxEEAI6tSOcaZu6HQ5rL41XLo2rOYnPGOgxyLQuQBbGcp9o5vPsCJFbm FH1TbYXllMUZPlUCvFktrePNu5l1sNOn5+3WRfkkGmnH1S8KN1udPQQytA7iLmGZ /kAg/xP4Y6PuT1e0GjVHMd1KogtLsLZmNmuKOyMEiSQ4uXHc6BGUpZZMl+vi1MK+ 0NN16xyNe+DkU8nwdT2zus8WGOW+3p441Zqn2GnOuZPVAqaTSQS/1jyHIOtHSWmR 6IpICCE5IFJIX4RRLwEErwG5moHSehkFuRPLUZj743meyZuu39iqqv5OfE+ctUyM Tn/9QwIqrNIhKi9rgh5xU1X6lx4luVpWJLuXR1qBSjHiSkb1zouPxklFhSpo0b0K QKeMIXTlc9UdUAUCGjcYcmVSb/BDDj0nMH0P+OgAzsHGZo1/XhVPdha8tqgVETCg CytCSW4I0oxR/cS46EEJzYHERsYEG3573GY9QjcEASk/uRuLwO1noaRaPWFUHXkv vLISdZYeU9VT7SfhulotPIDOV5y0DFXed5uJZ8o5xBeyO2oeXIc= =SG7D -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: Tomcat 8.5 disabling port 80 listening
>> -Original Message- >> From: Nitin Kadam >> Sent: Wednesday, January 29, 2020 9:50 AM >> To: Tomcat Users List >> >> Subject: Tomcat 8.5 disabling port 80 listening >> Hi Team, >> I have a tomcat 8.5 server configured in the production environment. As per >> requirement, we need to disable all 80 port listening from the application >> and only https (443) to be allowed. >> I have implemented SSL and the same is working fine. however, still, tomcat >> is showing listening on 80. so can we disable (comment ) port 80 connector >> from server.xml which will only allow access to the portal with Https. >> >> >> From : >> >connectionTimeout="2" >>redirectPort="443" /> >> To : >> >> -- >> Regards >> Nitin Kadam By All means yes. :-) Dream * Excel * Explore * Inspire Jon McAlexander Asst Vice President Middleware Product Engineering Enterprise CIO | Platform Services | Middleware | Infrastructure Solutions Upcoming PTO: 11/8, 11/11, 11/15, 11/22, 11/28, 11/29, 12/2, 12/6, 12/13, 12/20 – 12/31 8080 Cobblestone Rd | Urbandale, IA 50322 MAC: F4469-010 Tel 515-988-2508 | Cell 515-988-2508 jonmcalexan...@wellsfargo.com This message may contain confidential and/or privileged information. If you are not the addressee or authorized to receive this for the addressee, you must not use, copy, disclose, or take any action based on this message or any information herein. If you have received this message in error, please advise the sender immediately by reply e-mail and delete this message. Thank you for your cooperation.
Tomcat 8.5 disabling port 80 listening
Hi Team, I have a tomcat 8.5 server configured in the production environment. As per requirement, we need to disable all 80 port listening from the application and only https (443) to be allowed. I have implemented SSL and the same is working fine. however, still, tomcat is showing listening on 80. so can we disable (comment ) port 80 connector from server.xml which will only allow access to the portal with Https. >From : To : -- Regards Nitin Kadam