如何禁用Apache JServ协议服务 [英] How to disable Apache JServ protocol service

问题描述

Apache JServ协议(AJP)是一种二进制协议，可以将来自Web服务器的入站请求代理到位于Web服务器后面的应用程序服务器.

The Apache JServ Protocol (AJP) is a binary protocol that can proxy inbound requests from a web server through to an application server that sits behind the web server.

因此，不建议在Internet上公开访问AJP服务.如果AJP配置错误，它可能允许攻击者访问内部资源.因此，我只想在生产系统上启用此服务，而不能在开发系统或QA系统上启用.

Since, It's not recommended to have AJP services publicly accessible on the internet. If AJP is misconfigured it could allow an attacker to access to internal resources. Therefore, I want to enable this service only on my production system not on Development system or QA system.

请告知我，如何在开发和质量检查系统上禁用此服务.

Please let me know, How should i disable this service on Development and QA system.

推荐答案

为Tomcat查找配置文件

Find your config file for Tomcat

${tomcat}/conf/server.xml

然后注释掉这一行:

<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

这篇关于如何禁用Apache JServ协议服务的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！