Read more

Restrict Apache access to your local computer

Henning Koch
January 23, 2011Software engineer at makandra GmbH

When you are using Apache for development, it still accepts connections from everyone in the same network as you.

Illustration online protection

Rails Long Term Support

Rails LTS provides security patches for old versions of Ruby on Rails (2.3, 3.2, 4.2 and 5.2)

  • Prevents you from data breaches and liability risks
  • Upgrade at your own pace
  • Works with modern Rubies
Read more Show archive.org snapshot

In order to only allow requests to your Apache coming from your local computer, edit your /etc/apache2/ports.conf so all Listen directives point to 127.0.0.1:

Listen 127.0.0.1:80
<IfModule mod_ssl.c>
    Listen 127.0.0.1:443
</IfModule>

After the change stop and start your Apache and check with netstat that Apache no longer listens to 0.0.0.0:

sudo /etc/init.d/apache2 stop
sudo /etc/init.d/apache2 start
sudo netstat -napl | grep apache
Posted by Henning Koch to makandra dev (2011-01-23 02:37)