问题描述
Apache JServ协议(AJP)是一种二进制协议,可以将来自Web服务器的入站请求代理到位于Web服务器后面的应用程序服务器.
The Apache JServ Protocol (AJP) is a binary protocol that can proxy inbound requests from a web server through to an application server that sits behind the web server.
因此,不建议在Internet上公开访问AJP服务.如果AJP配置错误,它可能允许攻击者访问内部资源.因此,我只想在生产系统上启用此服务,而不能在开发系统或QA系统上启用.
Since, It's not recommended to have AJP services publicly accessible on the internet. If AJP is misconfigured it could allow an attacker to access to internal resources. Therefore, I want to enable this service only on my production system not on Development system or QA system.
请告知我,如何在开发和质量检查系统上禁用此服务.
Please let me know, How should i disable this service on Development and QA system.
推荐答案
为Tomcat查找配置文件
Find your config file for Tomcat
${tomcat}/conf/server.xml
然后注释掉这一行:
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
这篇关于如何禁用Apache JServ协议服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!