Tomcat security restricted access
By default Tomcat is listening on all interfaces. That can be a problem!
Bind Tomcat to an interface
This easiest way to bind Tomcat to an interface is to set the IP@ on the connector
(s).
Edit your server.xml
configuration:
- Automatic install: /etc/tomcat7/server.xml
- Manual install: /opt/tomcat-base/server.xml
vim $TOMCAT/server.xml
Add the address="127.0.0.1":
<Connector port="8080" protocol="HTTP/1.1"
address="127.0.0.1"
connectionTimeout="20000"
redirectPort="8443" />
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009"
address="127.0.0.1"
protocol="AJP/1.3" redirectPort="8443" />
<!-- A "Connector" using the shared thread pool-->
<Connector executor="tomcatThreadPool"
address="127.0.0.1"
port="8080" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />