Make nginx only listen to localhost


#1

I am trying to make nginx only accessible by localhost:8080
i have tried doing

server {

listen 127.0.0.1:8080;

    server_name  _;

however it still accepts requests from external ip’s

how can i stop this?

i have also tried

allow 127.0.0.1;

deny all;

but this seems to deny localhost as well

running latest stable 0.6


#2

On Sat, Feb 21, 2009 at 08:54:05PM +1100, Gendouki Office wrote:

however it still accepts requests from external ip’s

how can i stop this?

This should work.
Have you are server{}s in configuration ?

i have also tried

allow 127.0.0.1;

deny all;

This should work too.


#3

Hrmm, im not sure what im doing wrong then, i am mostly using default
config, only 1 server {}

stopping and starting using /usr/local/etc/rc.d/nginx stop

worker_processes 2;

events {
worker_connections 1024;
}

http {

include       mime.types;
default_type  application/octet-stream;


sendfile        on;
#tcp_nopush     on;

#keepalive_timeout  0;
keepalive_timeout  65;

#gzip  on

server {
    listen      127.0.0.1:8080;
    server_name  _;

    #charset koi8-r;

    #access_log  logs/host.access.log  main;

    location / {
        root   /usr/local/www/nginx;
        index  index.html index.htm;

    }
}

}


#4

yes that is correct

netstat -Lan | grep 8080

netstat: kvm not available: /dev/mem: No such file or directory

tcp4 0/0/2048 .8080

server ip is edited out., thank-you for help im going to donate to nginx
project now


#5

On Sat, Feb 21, 2009 at 10:54:54PM +1100, Gendouki Office wrote:

Hrmm, im not sure what im doing wrong then, i am mostly using default
config, only 1 server {}

stopping and starting using /usr/local/etc/rc.d/nginx stop

It seems you use FreeBSD. What does

netstat -Lan | grep 8080

show ?


#6

On Sat, Feb 21, 2009 at 11:53:48PM +1100, Gendouki Office wrote:

yes that is correct

netstat -Lan | grep 8080

netstat: kvm not available: /dev/mem: No such file or directory

tcp4 0/0/2048 .8080

server ip is edited out.,

It seems you using jail under FreeBSD:

netstat: kvm not available: /dev/mem: No such file or directory

and as far as I know jails in FreeBSD have no loopback interface (I do
not know the details). So in error_log you should see that nginx
was unable to apply a new configuration. You should use something
like this:

server {
listen 8080;

  allow  <server ip>;
  deny   all;

thank-you for help im going to donate to nginx
project now

Thank you.