incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dave Cottlehuber <d...@muse.net.nz>
Subject Re: Disable default unsecure plain HTTP 5984
Date Fri, 21 Oct 2011 13:21:35 GMT
On 21 October 2011 15:16, Nestor Urquiza <nestor.urquiza@gmail.com> wrote:
> That was it: I did the change in default,ini and that did the trick.
> Thanks!
> -Nestor
>
> On Fri, Oct 21, 2011 at 8:53 AM, Benoit Chesneau <bchesneau@gmail.com> wrote:
>> On Fri, Oct 21, 2011 at 2:37 PM, Nestor Urquiza
>> <nestor.urquiza@gmail.com> wrote:
>>> Thanks for the fast responses.
>>>
>>> Here is what I have in daemons section:
>>> [daemons]
>>> ; enable SSL support by uncommenting the following line and supply the
>>> PEM's below.
>>> ; the default ssl port CouchDB listens on is 6984
>>> httpsd = {couch_httpd, start_link, [https]}
>>>
>>> Still I get the below:
>>> $ ./utils/run
>>> Apache CouchDB 1.1.1a1186848 (LogLevel=info) is starting.
>>> [info] [<0.97.0>] Attempting to start replication
>>> `d30383157f3a29c1356051d04c7a5ed8+continuous+create_target` (document
>>> `by_clientId`).
>>> Apache CouchDB has started. Time to relax.
>>> [info] [<0.31.0>] Apache CouchDB has started on http://127.0.0.1:5984/
>>> [info] [<0.31.0>] Apache CouchDB has started on https://127.0.0.1:6984/
>>>
>>> Not sure what I am missing.
>>> Best,
>>> -Nestor
>>>
>>>
>>> On Fri, Oct 21, 2011 at 7:32 AM, Robert Newson <rnewson@apache.org> wrote:
>>>> Fairly sure you can do as Benoit suggests. It was certainly my
>>>> intention to allow one or other or both, and that was the case when I
>>>> did the original work.
>>>>
>>>> B.
>>>>
>>>> On 21 October 2011 12:24, Benoit Chesneau <bchesneau@gmail.com> wrote:
>>>>> On Fri, Oct 21, 2011 at 12:56 PM, Nils Breunese <N.Breunese@vpro.nl>
wrote:
>>>>>> Nestor Urquiza wrote:
>>>>>>
>>>>>>> Is it possible to leave just SSL (6984) listening? I have enabled
SSL
>>>>>>> but requests are still accepted via plain HTTP 5984.
>>>>>>
>>>>>> I don't know if CouchDB has a configuration setting that lets you
disable HTTP, but I guess you could use a firewall to block access to the HTTP port?
>>>>>>
>>>>>> Nils.
>>>>>> ------------------------------------------------------------------------
>>>>>>  VPRO   www.vpro.nl
>>>>>> ------------------------------------------------------------------------
>>>>>>
>>>>> You can probably comment the httpd line in [daemons] and only use the
https one.
>>>>>
>>>>> - benoit
>>>>>
>>>>
>>>
>>
>> did you comment the line in default.ini?
>>
>> - benoit
>>
>

Is there a sensible way to do this in local.ini to avoid advising
users to fiddle with default.ini, which gets over-written each
release?

A+
Dave

Mime
View raw message