Results 1 to 7 of 7

Thread: Apache 1.3 Stop port 80 listening

  1. #1
    Agent of the System ikonia's Avatar
    Join Date
    May 2004
    Location
    South West UK (Bath)
    Posts
    3,736
    Thanks
    39
    Thanked
    68 times in 51 posts

    Apache 1.3 Stop port 80 listening

    hi all,

    I'm looking at an unsual conifguration for apache.

    I currently have it listening on port 80 for http and 443 using mod_ssl

    I want to stop http traffic listening, so I want to stop port 80 from listening full stop.

    This way apache only listening on 443 and responds with mod_ssl
    (I know there are other ways of doing this but this is the way I have to go at the moment)

    If I set the Listen directive to 443 - then apache will refuse to start as that port will already be in use (by mod_ssl)

    If I comment out the Listen directive then apache won't start as it needs a socket to bind too.

    How (if possible) can I set apache to not listen on any ports other than mod_ssl on 443.

    Thanks
    It is Inevitable.....


  2. #2
    Registered+
    Join Date
    Mar 2005
    Posts
    26
    Thanks
    0
    Thanked
    0 times in 0 posts
    Don't know what OS you're using, but in the first instance do you have two seperate httpd.conf files? :-

    /etc/apache/httpd.conf and
    /etc/apache-ssl/httpd.conf

    you could try :-

    ~#>apachectl stop ; apache-sslctl start ; nmap localhost ( see what ports are open )
    Rig 1: Asus A7V600, XP2000+ , 512MB DDR 2700, GeForce2 MX 400, EMU10k1 (rev 04), Bt878 (rev 11)
    Rig 2: Asus A7V333, XP2000+ , 512MB DDR 2700, nvidia TNT2, YMF 724

  3. #3
    Agent of the System ikonia's Avatar
    Join Date
    May 2004
    Location
    South West UK (Bath)
    Posts
    3,736
    Thanks
    39
    Thanked
    68 times in 51 posts
    yngvai - a good try, but I think thats a specific linux distribution thing, as apache-sslctl doesn't exist as part of apache.

    I actually think this is impossible, in that to use mod_ssl apache needs to be running to load the module, and for apache to run it needs to listen on a port so I don't think my origional question would be possible at all.
    It is Inevitable.....


  4. #4
    Sublime HEXUS.net
    Join Date
    Jul 2003
    Location
    The Void.. Floating
    Posts
    11,819
    Thanks
    213
    Thanked
    233 times in 160 posts
    • Stoo's system
      • Motherboard:
      • Mac Pro
      • CPU:
      • 2*Xeon 5450 @ 2.8GHz, 12MB Cache
      • Memory:
      • 32GB 1600MHz FBDIMM
      • Storage:
      • ~ 2.5TB + 4TB external array
      • Graphics card(s):
      • ATI Radeon HD 4870
      • Case:
      • Mac Pro
      • Operating System:
      • OS X 10.7
      • Monitor(s):
      • 24" Samsung 244T Black
      • Internet:
      • Zen Max Pro
    Can't you just filter port 80 at a firewall etc ?
    (\__/)
    (='.'=)
    (")_(")

  5. #5
    Registered+
    Join Date
    Mar 2005
    Posts
    26
    Thanks
    0
    Thanked
    0 times in 0 posts
    Quote Originally Posted by ikonia
    I actually think this is impossible, in that to use mod_ssl apache needs to be running to load the module, and for apache to run it needs to listen on a port so I don't think my origional question would be possible at all.
    Hi Ikonia

    If your purpose is to solely run apache with openssl on port 443, but not on port 80, it should be possible. It's just that my distro does it all for me and I have to mess up my
    setup here to investigate the problem. If you're trying to do something else, sorry I misunderstood..

    [edit]

    A couple of links I found, in case you didn't already find them yourself:-

    http://lucas.ucs.ed.ac.uk/tutorials/apache/1x.ssl.html
    http://www.apache-ssl.org/#FAQ
    Last edited by yngvai; 13-04-2005 at 02:16 PM.
    Rig 1: Asus A7V600, XP2000+ , 512MB DDR 2700, GeForce2 MX 400, EMU10k1 (rev 04), Bt878 (rev 11)
    Rig 2: Asus A7V333, XP2000+ , 512MB DDR 2700, nvidia TNT2, YMF 724

  6. #6
    Agent of the System ikonia's Avatar
    Join Date
    May 2004
    Location
    South West UK (Bath)
    Posts
    3,736
    Thanks
    39
    Thanked
    68 times in 51 posts
    Stoo - yes we could, but as I said my first post there are better and more correct ways of doing this but for the purpose of this debate - this is the way I have to go.

    yngvai - reading through your linkx now.

    I'd be very interested in seeing your /etc/apache-ssl/httpd.conf and your apache-sslctl script.
    It is Inevitable.....


  7. #7
    Registered+
    Join Date
    Mar 2005
    Posts
    26
    Thanks
    0
    Thanked
    0 times in 0 posts
    Quote Originally Posted by ikonia
    yngvai - reading through your linkx now.

    I'd be very interested in seeing your /etc/apache-ssl/httpd.conf and your apache-sslctl script.
    Kewl ... hope it helps, I've pm'd you regarding the conf files. Let me know if it's any use.
    Rig 1: Asus A7V600, XP2000+ , 512MB DDR 2700, GeForce2 MX 400, EMU10k1 (rev 04), Bt878 (rev 11)
    Rig 2: Asus A7V333, XP2000+ , 512MB DDR 2700, nvidia TNT2, YMF 724

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •