LinuxQuestions.org

Linux - Server: Allow only local access to apache server (https://www.linuxquestions.org/questions/linux-server-73/allow-only-local-access-to-apache-server-651883/)

monkeyman2000 06-26-2008 02:29 PM

Allow only local access to apache server
 
Hi, I am running an apache web server on my ubuntu linux desktop box, just for the purpose of running and testing local web applications. I do not want any computers other than my desktop to have access to the web server.

Is there a way to configure apache or linux networking so it is only possible to access my local web server from the local machine?

eliufoo 06-26-2008 02:55 PM

You can create an iptables rule that allows HTTP (port 80) access to the local machine only. iptables works by reading rules in sequential order; once a match is found it stops reading the following rules.

You can have something like this:

Quote:

iptables -A INPUT -t tcp --dport 80 -s localhost -j ACCEPT
iptables -A INPUT -t tcp --dport 80 -j DROP
regards,

msound 06-26-2008 05:56 PM

You can tell apache to only listen on the loopback interface: 127.0.0.1

Search your apache conf file for any Listen parameters and replace *:80 with 127.0.0.1:80

Cheers!
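A small check for the Listen approach above, added here as an example and not part of this post or of Apache itself: it scans a ports.conf-style file and reports any Listen directive that is not bound to a loopback address (the file path and the sample configs are constructed for illustration).

```shell
#!/bin/sh
# Added example: audit Apache "Listen" directives and report any that bind to
# something other than loopback. Assumes a ports.conf-style file; the sample
# configs written by write_sample_conf are constructed, not real Apache files.

# Print every Listen target in $1 that is not a loopback address.
listen_offenders() {
    # drop trailing comments, keep only Listen lines, take the address field
    sed -n 's/#.*//; /^[[:space:]]*[Ll]isten[[:space:]]/p' "$1" |
    awk '{ print $2 }' |
    while IFS= read -r target; do
        case "$target" in
            127.*:*|"[::1]:"*|localhost:*) ;;   # loopback: allowed
            *) printf '%s\n' "$target" ;;      # "80", "*:80", "0.0.0.0:80", "IP:80" bind all/other interfaces
        esac
    done
}

# Succeed (exit 0) only when every Listen directive in $1 is loopback-only.
listen_is_local_only() {
    [ -z "$(listen_offenders "$1")" ]
}

# Write a constructed sample config to $2: "before" binds to all interfaces
# (a bare port or *:port), "after" is the fix from the post (127.0.0.1:80).
write_sample_conf() {
    case "$1" in
        before) printf 'Listen 80\nListen *:443 # tls\n' > "$2" ;;
        after)  printf 'Listen 127.0.0.1:80\nListen [::1]:443\n' > "$2" ;;
    esac
}
```

Run it against the real file with `listen_is_local_only /etc/apache2/ports.conf && echo ok`; a bare `Listen 80` counts as an offender because Apache then binds every interface.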

monkeyman2000 06-27-2008 10:20 AM

Hi Elly,

when I try to do this I get an error:

Code:

$ sudo iptables -A INPUT -t tcp --dport 80 -s localhost -j ACCEPT
iptables v1.3.8: Unknown arg `--dport'
Try `iptables -h' or 'iptables --help' for more information.

iptables --help does not include --dport as an option.

david1941 07-01-2008 09:57 PM

Try preceding the tcp argument with a -p instead of a -t, as the -t defines what table to use and you don't want that! The --dport should work then.

Your entry -A will ADD or APPEND the rule to the INPUT table. You may want to use -I to INSERT (default is before other rules in that chain). Insert the rule to DROP other --dport 80 before you insert your -s localhost rule, or insert the DROP rule as the second rule with -I INPUT 2 to put it in the second position.

Maybe like this:

sudo /sbin/iptables -I INPUT -p tcp --dport 80 -s 127.0.0.1 -j ACCEPT   # accept only from the loopback address
sudo /sbin/iptables -I INPUT 2 -p tcp --dport 80 -j DROP               # drop port 80 from everyone else

This puts them at the front of your rules and the first match rocks

Dave

