1 Reply Latest reply on Sep 30, 2003 4:42 AM by juha

    Secure port 8083

    anaholzbach
    anaholzbach Sep 24, 2003 9:08 AM

      Hello,

      We're running JBoss 3.2.1 and we've just discovered that http://server:8083/WEB-INF./web.xml allows viewing of the web.xml under jboss-net.sar/jboss-net.war.

      We're using webservices, so removing the .sar is not an option. Is there a way we can restrict access to port 8083 otherwise ?

      Any help will be much appreciated.

      Thanks,

      Ana

      • 4156 Views
      • Tags:
        • 1. Re: Secure port 8083
          juha Sep 30, 2003 4:42 AM (in response to anaholzbach)

          Close 8083 with firewall. There used to be a bug with the 8083 web service that you could not remove it, I don't know if it's fixed or not. In most cases you should always block 8083 on production systems (or at least make sure it only serves EJB resources not all server resources).

          -- Juha

            • Actions