Few days back I wrote about how to force OpenSSH (sshd) to listen on selected multiple IP address only. Kritika sends me following question:
I would like to bind port 80 on 3 of 5 IP address. By default Apache using all port 80. How do I force apache webserver to listen on all addresses except one ip address?
Just like OpenSSH's ListenAddress directive, apache has Listen directive. When Apache starts, it binds to some port and address on the local machine and waits for incoming requests. By default, it listens to all addresses on the machine. However, it needs to be told to listen on specific ports, or to listen on only selected addresses, or a combination. This is often combined with the Virtual Host feature which determines how Apache responds to different IP addresses, hostnames and ports.
The Listen directive tells the server to accept incoming requests only on the specified port or address-and-port combinations. If only a port number is specified in the Listen directive, the server listens to the given port on all interfaces. If an IP address is given as well as a port, the server will listen on the given port and interface. Multiple Listen directives may be used to specify a number of addresses and ports to listen on. The server will respond to requests from any of the listed addresses and ports.
In short open your httpd.conf file :
# vi httpd.conf
Setup Listen directive as follows:
Listen 202.5.1.1:80
Listen 202.5.1.2:80
Listen 202.5.1.3:80
Save and close the file. Restart the apache:
# /etc/init.d/httpd restart
Verify that apache listing to three IP address only:
# netstat -tulpn | grep :80
Featured Articles:
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- My 10 UNIX Command Line Mistakes
- 25 PHP Security Best Practices For Sys Admins
- The Novice Guide To Buying A Linux Laptop
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- Top 20 OpenSSH Server Best Security Practices
- Top 10 Open Source Web-Based Project Management Software
Facebook it - Tweet it - Print it -
We're here to help you make the most of sysadmin work. So, subscribe!
{ 3 comments… read them below or add one }
Well that was disappointing… The title of this article describes exactly what I want to do…. unfortunately, the article itself doesn’t give any related info, but describes the exact opposite situation, which is pretty much covered in every single guide to set up virtual hosts on apache…
Thanks for the article
As Coop says it would be great if Apache had a ‘listen to all IPs except’ however, after looking everywhere I guess this is simply not and available config.
wtf? the solution given is not at all what the title of the post is…