Stop serving pages directly

ashleyct · Mar 17, 2005

Hi,

I'm Running Tomcat 5 with Apache 2 via mod_jk. I have a secure section of my site which should only be accessible via https, and have set up httpd.conf so that any access to that directory requires ssl (and redirects to a https page).

My problem is that if I connect on port 8080, I can bypass all the checks and redirects set up in Apache! Is there a way to stop Tomcat serving pages directly and only accept them via Apache?

Thanks in advance!
Ash

sedj · Mar 17, 2005

Yes, remove the Connector listening on port 8080 from server.xml (apache talks to tomcat via port 8009).

--------------------------------------------------
Free Database Connection Pooling Software

http://www.primrose.org.uk

ashleyct · Mar 17, 2005

Excellent! Thanks for that - I did worry that you'd still be able to get around it by going to 8009 or 8443 directly but that doesn't seem to be the case - works a charm.

Thanks again!

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Stop serving pages directly

ashleyct

Programmer

sedj

Programmer

ashleyct

Programmer

Similar threads

Part and Inventory Search

Sponsor