标签:sel org sudo art check rect tag index tle
A standard Tomcat installation starts the webserver on port 8080 – which is usually not the desired behavior. In order to change the server to port 80 there are two options which I outline in the following:
Tomcat continues to listen on port 8080 (and 8443 for https). The traffic is redirected by iptables.
You don’t need to change anything in Tomcat itself, just add according
Iptables-Forwarding rules. Actually this looks more complicated than the
alternative – but it is the more secure way and you do not need to
touch Tomcat’s config.
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
# check that rules are not there alreadysudo iptables -L -n -t nat# Add rulessudo iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080sudo iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443# Checksudo iptables -L -n -t nat# Savesudo /service iptables save# Restart iptablessudo /etc/init.diptables restart# final checksudo iptables -L -n -t nat |
This configures to run Tomcat directly on port 80. As this is a
priviledged port, Tomcat must run as root – this is usually not
recommended.
The advantage: It’s simple!
The disadvantage: A webserver shouldn’t run as root.If you want to do this nevertheless, edit /etc/tomcat7/server.xml and change the connector port from 8080 to just 80:
|
1
2
3
4
|
<Connector port="<del>80</del>80" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> |
Now edit /etc/tomcat7/tomcat7.conf and set the tomcat user to root:
|
1
|
TOMCAT_USER="root" |
And restart Tomcat:
|
1
|
sudo service tomcat7 restart |
REF:
https://www.locked.de/how-to-run-tomcat-on-port-80/
Run tomcat on port 80 not 8080
标签:sel org sudo art check rect tag index tle
原文地址:https://www.cnblogs.com/emanlee/p/10086946.html
