I'm using a software which is accessible by http://server_ip:certain_port
I want it to be accessible internally only, by http://localhost:port
.
How can I block those ports from the outside?
I'm using a software which is accessible by http://server_ip:certain_port
I want it to be accessible internally only, by http://localhost:port
.
How can I block those ports from the outside?
You should tell Apache to listen on the lo interface only.
Reference
Firewall. If you are on Ubuntu or debian, ufw is a good choice. Set the firewall to allow ports by default but deny the particular port as a rule.
With my own experience of Web server, the most clean solution is to use Apache directive to restrict access via
.htaccess
directives file or in the site configuration.Advantages :
The directive you need to use are :
These directive will deny access to the whole web site, only connection coming from localhost (127.0.0.1) will be allowed. You can use the name or the IP address in the URI, they will be recognized as such by both Allow rules.
Where to put these directives :
.htaccess
file in the top directory containing the files for your web site you want to protectRemark :
For the
.htaccess
file be able to be loaded by the web server, you must have defined this web site with anAllowOverride Limit
orAllowOverride all
in the definition of the web site. Also,.htaccess
is the default name used for this and can be overriden by the Apache directiveAccessFileName <filename>