环境:
nginx/1.4.6
apache-tomcat-8.0.24
jdk1.8.0_51
1.修改Apache的端口:将【/etc/apache2/ports.conf】中的
Listen 80
<ifmodule ssl_module="">
Listen 443
</ifmodule>
<ifmodule mod_gnutls.c="">
Listen 443
</ifmodule>
Listen 80
<ifmodule ssl_module="">
Listen 443
</ifmodule>
<ifmodule mod_gnutls.c="">
Listen 443
</ifmodule>
Listen 80 <ifmodule ssl_module=""> Listen 443 </ifmodule> <ifmodule mod_gnutls.c=""> Listen 443 </ifmodule>
修改为
Listen 7080
<ifmodule ssl_module="">
Listen 7443
</ifmodule>
<ifmodule mod_gnutls.c="">
Listen 7443
</ifmodule>
Listen 7080
<ifmodule ssl_module="">
Listen 7443
</ifmodule>
<ifmodule mod_gnutls.c="">
Listen 7443
</ifmodule>
Listen 7080 <ifmodule ssl_module=""> Listen 7443 </ifmodule> <ifmodule mod_gnutls.c=""> Listen 7443 </ifmodule>
同时需要修改【/etc/apache2/sites-available/000-default.conf】的端口
<virtualhost *:80="">
<virtualhost *:80="">
<virtualhost *:80="">
修改为
<virtualhost *:7080="">
<virtualhost *:7080="">
<virtualhost *:7080="">
同时禁用Apache的目录浏览,修改【/etc/apache2/apache2.conf】
<directory var="" www="">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</directory>
<directory var="" www="">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</directory>
<directory var="" www=""> Options Indexes FollowSymLinks AllowOverride None Require all granted </directory>
修改为
<directory var="" www="">
Options FollowSymLinks
AllowOverride None
Require all granted
</directory>
<directory var="" www="">
Options FollowSymLinks
AllowOverride None
Require all granted
</directory>
<directory var="" www=""> Options FollowSymLinks AllowOverride None Require all granted </directory>
重启Apache
/etc/init.d/apache2 restart
/etc/init.d/apache2 restart
/etc/init.d/apache2 restart
重启之后,可能会报下面的错误
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using XXX.XXX.XXX.XXX.
Set the 'ServerName' directive globally to suppress this message
[ OK ]
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using XXX.XXX.XXX.XXX.
Set the 'ServerName' directive globally to suppress this message
[ OK ]
AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using XXX.XXX.XXX.XXX. Set the 'ServerName' directive globally to suppress this message [ OK ]
这时候,Apache已经启动了,但是上面的错误信息是说没有定义【ServerName】
这时,修改【/etc/apache2/apache2.conf】,在里面增加下面的代码,重新启动即可。
ServerName 127.0.0.1
ServerName 127.0.0.1
ServerName 127.0.0.1
2.禁止外网直接访问apache的端口
iptables -F
iptables -A INPUT -p tcp -s 127.0.0.1/32 --dport 7080 -j ACCEPT
iptables -A INPUT -p tcp --dport 7080 -j REJECT
iptables -F
iptables -A INPUT -p tcp -s 127.0.0.1/32 --dport 7080 -j ACCEPT
iptables -A INPUT -p tcp --dport 7080 -j REJECT
iptables -F iptables -A INPUT -p tcp -s 127.0.0.1/32 --dport 7080 -j ACCEPT iptables -A INPUT -p tcp --dport 7080 -j REJECT
3.禁止外网直接访问tomcat的8080端口
iptables -F
iptables -A INPUT -p tcp -s 127.0.0.1/32 --dport 8080 -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j REJECT
iptables -F
iptables -A INPUT -p tcp -s 127.0.0.1/32 --dport 8080 -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j REJECT
iptables -F iptables -A INPUT -p tcp -s 127.0.0.1/32 --dport 8080 -j ACCEPT iptables -A INPUT -p tcp --dport 8080 -j REJECT
沪公网安备 31011502001064号