Block access to HTTP on port 80 (Windows) or port 8080 (Linux) in Spectrum OneClick

book

Article ID: 50709

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

Block access to HTTP on port 80 (Windows) or port 8080 (Linux) in Spectrum OneClick

Having enabled SSL in Spectrum OneClick, access to the non-secure http:// webpage needs to be blocked in order to maximize security of the server and client connections.

Environment

Any Spectrum version

Resolution

1. Make a backup of the $SPECROOT/tomcat/conf/server.xml file

2. Edit the $SPECROOT/tomcat/conf/server.xml file

3. Find the sections that defines HTTP on port 80/8080 and comment them out using HTML comment tags <!-- ... -->

For example:

<!-- Define a non-SSL HTTP/1.1 Connector on port 80 -->
<Connector port="80" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="true" redirectPort="443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true">
Then comment the whole section out:
<!--
<!-- Define a non-SSL HTTP/1.1 Connector on port 80 -->
<Connector port="80" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
enableLookups="true" redirectPort="443" acceptCount="100" connectionTimeout="20000" disableUploadTimeout="true" />
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 443 -->
-->   

4. Recycle tomcat on the OneClick system

Additional Information

Please reference the "Configure OneClick for Secure Sockets Layer" section of the documentation for more information.