On 5/9/12 2:52 PM, Jerzy Łogiewa wrote: > when building webserver I want only 127.0.0.1 able to connect - not the > internet and not 192.168.x.x even! > > this is for hidden service _ONLY_ and no one even on local network should be > able to probe for it. > > i know how to setup hidden service basically. how can i do this above with > apache or lighttpd? if i want the same for ssh how can I do it using system? > > restrict all connections to 127.0.0.1 - and no tails please! :-D
Hi Jerzy, try Listen 127.0.0.1:80 in your Apache configuration, server.bind = "127.0.0.1" in your lighttpd config and ListenAddress 127.0.0.1 in your sshd config. This makes the daemons only bind to the loopback interface. After a server restart, check with netstat that you really are not listening on any external interface: netstat -na | grep '^tcp.*LISTEN' Cheers, Ralf _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
