make nginx only listen to localhost

Igor Sysoev is at rambler-co.ru
Sat Feb 21 16:31:14 MSK 2009


On Sat, Feb 21, 2009 at 11:53:48PM +1100, Gendouki Office wrote:

> yes that is correct
> 
> netstat -Lan | grep 8080
> 
> netstat: kvm not available: /dev/mem: No such file or directory
> 
> tcp4  0/0/2048       <server ip>.8080
> 
> 
> server ip is edited out.,

It seems you using jail under FreeBSD:

   netstat: kvm not available: /dev/mem: No such file or directory

and as far as I know jails in FreeBSD have no loopback interface (I do
not know the details). So in error_log you should see that nginx
was unable to apply a new configuration. You should use something
like this:

   server {
      listen 8080;

      allow  <server ip>;
      deny   all;


> thank-you for help im going to donate to nginx
> project now

Thank you.

> On Sat, Feb 21, 2009 at 11:30 PM, Igor Sysoev <is at rambler-co.ru> wrote:
> 
> > On Sat, Feb 21, 2009 at 10:54:54PM +1100, Gendouki Office wrote:
> >
> > > Hrmm, im not sure what im doing wrong then, i am mostly using default
> > > config, only 1 server {}
> > >
> > > stopping and starting using /usr/local/etc/rc.d/nginx stop
> >
> > It seems you use FreeBSD. What does
> >
> > netstat -Lan | grep 8080
> >
> > show ?
> >
> > >
> > > worker_processes  2;
> > >
> > > events {
> > >     worker_connections  1024;
> > > }
> > >
> > >
> > > http {
> > >
> > >     include       mime.types;
> > >     default_type  application/octet-stream;
> > >
> > >
> > >     sendfile        on;
> > >     #tcp_nopush     on;
> > >
> > >     #keepalive_timeout  0;
> > >     keepalive_timeout  65;
> > >
> > >     #gzip  on
> > >
> > >     server {
> > >         listen      127.0.0.1:8080;
> > >         server_name  _;
> > >
> > >         #charset koi8-r;
> > >
> > >         #access_log  logs/host.access.log  main;
> > >
> > >         location / {
> > >             root   /usr/local/www/nginx;
> > >             index  index.html index.htm;
> > >
> > >         }
> > >     }
> > > }
> > >
> > > On Sat, Feb 21, 2009 at 9:19 PM, Igor Sysoev <is at rambler-co.ru> wrote:
> > >
> > > > On Sat, Feb 21, 2009 at 08:54:05PM +1100, Gendouki Office wrote:
> > > >
> > > > > I am trying to make nginx only accessible by localhost:8080
> > > > > i have tried doing
> > > > >
> > > > > server {
> > > > >
> > > > > listen  127.0.0.1:8080;
> > > > >
> > > > >         server_name  _;
> > > > >
> > > > > ...
> > > > >
> > > > >
> > > > > however it still accepts requests from external ip's
> > > > >
> > > > >
> > > > > how can i stop this?
> > > >
> > > > This should work.
> > > > Have you are server{}s in configuration ?
> > > >
> > > > > i have also tried
> > > > >
> > > > > allow 127.0.0.1;
> > > > >
> > > > > deny all;
> > > >
> > > > This should work too.
> > > >
> > > > > but this seems to deny localhost as well
> > > > >
> > > > > running latest stable 0.6
> > > >
> > > >
> > > > --
> > > > Igor Sysoev
> > > > http://sysoev.ru/en/
> > > >
> > > >
> >
> > --
> > Igor Sysoev
> > http://sysoev.ru/en/
> >
> >

-- 
Igor Sysoev
http://sysoev.ru/en/





More information about the nginx mailing list