From 0e8a50f0a5958744bea1fd6768c862e04d3b7e75 Mon Sep 17 00:00:00 2001 From: Mark Thomas Date: Tue, 21 Jan 2020 13:02:13 +0000 Subject: [PATCH] Change the default bind address for AJP to the loopback address --- java/org/apache/coyote/ajp/AbstractAjpProtocol.java | 4 ++++ webapps/docs/changelog.xml | 4 ++++ webapps/docs/config/ajp.xml | 5 +---- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/java/org/apache/coyote/ajp/AbstractAjpProtocol.java b/java/org/apache/coyote/ajp/AbstractAjpProtocol.java index 2500abd7ad..8e0593b771 100644 --- a/java/org/apache/coyote/ajp/AbstractAjpProtocol.java +++ b/java/org/apache/coyote/ajp/AbstractAjpProtocol.java @@ -16,6 +16,8 @@ */ package org.apache.coyote.ajp; +import java.net.InetAddress; + import org.apache.coyote.AbstractProtocol; import org.apache.coyote.Processor; import org.apache.coyote.UpgradeProtocol; @@ -46,6 +48,8 @@ public AbstractAjpProtocol(AbstractEndpoint endpoint) { setConnectionTimeout(Constants.DEFAULT_CONNECTION_TIMEOUT); // AJP does not use Send File getEndpoint().setUseSendfile(false); + // AJP listens on loopback by default + getEndpoint().setAddress(InetAddress.getLoopbackAddress()); ConnectionHandler cHandler = new ConnectionHandler<>(this); setHandler(cHandler); getEndpoint().setHandler(cHandler); diff --git a/webapps/docs/config/ajp.xml b/webapps/docs/config/ajp.xml index c70af91eae..5535a062e7 100644 --- a/webapps/docs/config/ajp.xml +++ b/webapps/docs/config/ajp.xml @@ -308,10 +308,7 @@

For servers with more than one IP address, this attribute specifies which address will be used for listening on the specified - port. By default, this port will be used on all IP addresses - associated with the server. A value of 127.0.0.1 - indicates that the Connector will only listen on the loopback - interface.

+ port. By default, the loopback address will be used.