FreeBSD/jail: nginx ignores IP in listen directive

FreeBSD 8.3/amd64
nginx 1.2.1
jail

default config, but listen is:

server {
    listen ip_addr_of_jail:80;

}

but

$ telnet 127.0.0.1 80
gets an answer from nginx. If I remark this listen directive, nginx doesn't
answer.

Why does nginx listen on localhost?

I found something similar to this here:

http://mailman.nginx.org/pipermail/nginx/2009-February/009947.html

but
server {
    listen 80;
    allow ip_addr_of_jail;
    deny all;

}

doesn't work either.

Thanks for help.

Posted at Nginx Forum:

Hello!

On Sat, Jun 09, 2012 at 06:25:55AM -0400, zgen wrote:

> but
>
> $ telnet 127.0.0.1 80
> gets an answer from nginx. If I remark this listen directive, nginx doesn't
> answer.
>
> Why does nginx listen on localhost?

Because there is no localhost in a jail, it’s instead emulated by
the kernel by using jail’s ip instead of localhost. This is how
jails work, nothing to do with nginx.

> }
>
> doesn't work either.

This config is expected to resolve the opposite issue: as there is
no localhost in a jail one can’t listen on it as well (it will
listen on jail’s ip instead). So to allow only local connections
it’s not enough to use “listen 127.0.0.1”, the allow/deny
directives are needed as an additional protection.

Maxim D.
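
An added example, not part of the original thread: a small Python probe that asks the kernel to bind a throwaway socket to 127.0.0.1 and reports the address it actually got, which shows whether a "listen 127.0.0.1" inside this environment would end up on the jail's IP as described in the reply above. The function names and the sample address 192.0.2.10 are constructed for illustration; it assumes getsockname() reports the address the kernel substituted.

```python
import ipaddress
import socket


def bound_address(requested="127.0.0.1"):
    """Bind a throwaway TCP socket and return the address the kernel assigned."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind((requested, 0))  # port 0: let the kernel pick any free port
        return s.getsockname()[0]


def classify(requested, actual):
    """Compare the address asked for with the address the socket really has.

    "as-requested": the bind kept its address.
    "remapped":     a loopback bind landed on a non-loopback address
                    (the jail case: the service is reachable from the network).
    "changed":      any other substitution.
    """
    req = ipaddress.ip_address(requested)
    act = ipaddress.ip_address(actual)
    if req == act:
        return "as-requested"
    if req.is_loopback and not act.is_loopback:
        return "remapped"
    return "changed"


def main():
    requested = "127.0.0.1"
    actual = bound_address(requested)
    verdict = classify(requested, actual)
    print(f"requested {requested}, kernel bound {actual}: {verdict}")
    if verdict == "remapped":
        # Matches the advice in the reply: listen alone does not restrict
        # access here, so allow/deny is needed as well.
        print(f"'listen {requested}' is exposed on {actual}; add allow/deny")


if __name__ == "__main__":
    main()
```

Run it inside the jail as an unprivileged user; a "remapped" verdict means the allow/deny directives are doing the real access control.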