[tor-talk] Webserver on 127.0.0.1 only?

Ralf-Philipp Weinmann ralf at coderpunks.org
Wed May 9 13:02:21 UTC 2012


On 5/9/12 2:52 PM, Jerzy Łogiewa wrote:
> when building webserver I want only 127.0.0.1 able to connect - not the internet and not 192.168.x.x even! 
> 
> this is for hidden service _ONLY_ and no one even on local network should be able to probe for it.
> 
> i know how to setup hidden service basically. how can i do this above with apache or lighttpd? if i want the same for ssh how can I do it using system?
> 
> restrict all connections to 127.0.0.1 - and no tails please!  :-D

Hi Jerzy,

try

Listen 127.0.0.1:80

in your Apache configuration,

server.bind = "127.0.0.1"

in your lighttpd config and

ListenAddress 127.0.0.1

in your sshd config.

This makes the daemons only bind to the loopback interface. After a
server restart, check with netstat that you really are not listening on
any external interface:

netstat -na | grep '^tcp.*LISTEN'

Cheers,
Ralf


More information about the tor-talk mailing list