AJP 1.3 Connector listens on port 8009 globally, why and how to turn it off?
I set up a Tomcat 6 with an Apache 2 and mod_proxy. Now I have this default value in my server.xml:
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />
netstat looks like this:
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 4703/apache2
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1020/sshd
tcp 0 0 127.0.0.1:8005 0.0.0.0:* LISTEN 10517/java
tcp 0 0 0.0.0.0:8009 0.0.0.0:* LISTEN 10517/java
tcp 0 0 127.0.0.1:8009 127.0.0.1:48704 ESTABLISHED 10517/java
tcp 0 0 127.0.0.1:48704 127.0.0.1:8009 ESTABLISHED 11696/apache2
My question's now, is there a necessarity for AJP to listen on port 8009 globally, I don't think so?! And how to turn it off?
Answer
You can comment out this connector from server.xml. It is used by mod_jk, mod_proxy does not need this port (it uses standard HTTP Tomcat connector, 8080 port by default).However, mod_jk is sometimes preferred over mod_proxy.