LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (http://www.linuxquestions.org/questions/linux-software-2/)
-   -   apache security for intranet: "listen 80" vs. "listen 127.0.0.1:80" (http://www.linuxquestions.org/questions/linux-software-2/apache-security-for-intranet-listen-80-vs-listen-127-0-0-1-80-a-486922/)

pulper 09-25-2006 06:20 PM

apache security for intranet: "listen 80" vs. "listen 127.0.0.1:80"
 
hi everyone:

i just started with apache and am using it for an intranet to host a calendar for everyone in our small office.

i cannot get apache to start if i list in the ports.conf file (ubuntu) the ip address of the network computers followed by the port (for example 192.168.0.101:80). i get an error which i cannot remember right now (am on a computer away from work).

however, if i use "listen 80", then i can access the apache server from another computer.

if i use "listen 80", am i opening the server to the internet? this is something that i want to avoid, which is why i wanted to list the ip addresses specifically.

thanks,

paul

w3bd3vil 09-25-2006 06:27 PM

since your computer is on a lan, no one will be able to access your webserver except your lan computers, unless you have forwarded port 80 on your router.

Wim Sturkenboom 09-26-2006 12:45 AM

The 'listen' indicates on which ip-address/port apache listens. If your apache server has multiple IP addresses, you can pick one of them. Apache will then only listen to requests on that ip-address and not on all addresses.
Is 192.168.0.101 the ip address of the apache server?

Your lan is supposed to be separated from the internet (see w3bd3vil's comment).
In my opinion it's anyway advisable to add a firewall on the apache server to prevent users from gaining access to something that they're not supposed to access (using e.g. telnet or ftp). Have a look at iptables.

pulper 09-27-2006 06:24 AM

thanks to both of you for your information. very helpful.

paul


All times are GMT -5. The time now is 10:23 AM.