nifi-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nathan Gough (Jira)" <j...@apache.org>
Subject [jira] [Commented] (NIFI-7151) Investigate if NiFi is listening on loopback address
Date Fri, 14 Feb 2020 18:35:00 GMT

    [ https://issues.apache.org/jira/browse/NIFI-7151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17037191#comment-17037191
] 

Nathan Gough commented on NIFI-7151:
------------------------------------

When I list LISTENING ports when NiFi is running in secured mode (configured with truststore/keystore
and using nifi.web.https.host and nifi.web.https.port), I do not see a port at which the
NiFi UI is running.

I am using 
{code:java}
lsof -nP -iTCP | grep LISTEN{code}
and
{code:java}
netstat -an | grep LISTEN{code}
on MacOS 10.14.6

I do see port listening *.8000, which is the debug port configured in bootstrap.conf. This
could be confused with a running insecure NiFi UI. In a production environment, the debug
port should be disabled.

I do not believe a secured NiFi instance will open insecure ports as reported.

> Investigate if NiFi is listening on loopback address
> ----------------------------------------------------
>
>                 Key: NIFI-7151
>                 URL: https://issues.apache.org/jira/browse/NIFI-7151
>             Project: Apache NiFi
>          Issue Type: Task
>          Components: Security
>            Reporter: Nathan Gough
>            Assignee: Nathan Gough
>            Priority: Minor
>
> It was reported that NiFi listens to a HTTP port on loopback interface or all interfaces
when NiFi is running in secured mode (HTTPS port and host configured).
> Investigate if a secured NiFi opens HTTP ports.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

Mime
View raw message