tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Turner, John" <JTur...@AAS.com>
Subject RE: mod_jk
Date Mon, 03 Feb 2003 11:11:34 GMT

In production, you only want the connectors used for actual connections to
be enabled.  If you're leaving port 8080 open, there's really no purpose for
Apache, as one of the primary purposes of using Apache on port 80 instead of
Tomcat is security.  Leaving Tomcat available on 8080 undermines this goal.
So, if you are using a connector at all, there's no reason to have any port
open except the connector port.

The protocol used by the JK/JK2 connectors is not HTTP.  It is called "AJP",
which, I believe, stands for "Apache JServ Protocol".  JServ was the
"original" Apache + Tomcat connector.

John

-----Original Message-----
From: rf [mailto:rufoo2001@yahoo.com] 
Sent: Monday, February 03, 2003 2:29 AM
To: Tomcat Users List
Subject: Re: mod_jk


Thank you Lajos and Oscar.
Btw, what is the interface Apache uses to communicate
to Tomcat at 8009? I guess it wont be HTTP. For
security reasons, I assume it would be safer to run
all tomcat processes on the lo interface. Is this
correct, and recommended?

~rf.


--- Lajos <lmocz@galatea.com> wrote:
> Rf -
> 
> When you use mod_jk, Apache communicates to Tomcat
> on (default) port
> 8009. Port 8080 is for direct HTTP connections to
> Tomcat which, by 
> default is enabled. So, the answer is yes: you can
> expose web 
> applications to Apache via mod_jk, and access them
> on the Apache port, 
> but also access them by point your browser directly
> to the Tomcat port.
> 
> Regards,
> 
> Lajos
> 
> 
> rf wrote:
> > When I use a tomcat-apache connector to redirect
> http
> > requests to port 80 to port 8080, can I still use
> port
> > 8080 to connect to tomcat directly bypassing
> apache?
> > If yes, how do I not allow this? By running tomcat
> on
> > lo's 8080? What about on Windows?
> > 
> > Thank you
> > Rf
> > 
> > __________________________________________________
> > Do you Yahoo!?
> > Yahoo! Mail Plus - Powerful. Affordable. Sign up
> now.
> > http://mailplus.yahoo.com
> > 
> >
>
---------------------------------------------------------------------
> > To unsubscribe, e-mail:
> tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail:
> tomcat-user-help@jakarta.apache.org
> > 
> > 
> 
> 
> --
> 
> 
> 
>                     Lajos Moczar
>        ----------------------------------------
>      Open Source Support, Consulting and Training
>        ----------------------------------------
>              Cocoon Developer's Handbook
>  
> (www.amazon.com/exec/obidos/tg/detail/-/0672322579)
> 
>                     _      _____
>                    / \         /
>                   /___\      /
>                  /     \   /____
> 
>       http://www.galatea.com -- powered by AzSSL
> 
> 
>
---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail:
> tomcat-user-help@jakarta.apache.org
> 


__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

---

Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.449 / Virus Database: 251 - Release Date: 1/27/2003
 

---

Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.449 / Virus Database: 251 - Release Date: 1/27/2003
 

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message