1 Reply Latest reply on Sep 30, 2003 4:42 AM by Juha Lindfors

    Secure port 8083

    Ana Holzbach Newbie

      Hello,

      We're running JBoss 3.2.1 and we've just discovered that http://server:8083/WEB-INF./web.xml allows viewing of the web.xml under jboss-net.sar/jboss-net.war.

      We're using webservices, so removing the .sar is not an option. Is there a way we can restrict access to port 8083 otherwise ?

      Any help will be much appreciated.

      Thanks,

      Ana

        • 1. Re: Secure port 8083
          Juha Lindfors Master

          Close 8083 with firewall. There used to be a bug with the 8083 web service that you could not remove it, I don't know if it's fixed or not. In most cases you should always block 8083 on production systems (or at least make sure it only serves EJB resources not all server resources).

          -- Juha