How can I get Jenkins to stop listening for remote connections?

ubuntu hudson jenkins
18,366

Debian

If you installed Jenkins from the Debian package, you can modify /etc/default/jenkins and add the following line somewhere:

HTTP_HOST=127.0.0.1

and then add --httpListenAddress=$HTTP_HOST to the JENKINS_ARGS so that it reads something like:

JENKINS_ARGS="--webroot=/var/run/jenkins/war --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT --httpListenAddress=$HTTP_HOST"

Ubuntu

If you installed Jenkins from the Ubuntu Oneiric (11.10) package, edit /etc/init/jenkins.conf and add --httpListenAddress=127.0.0.1 to the JENKINS_ARGS line, so that it reads like:

JENKINS_ARGS="--webroot=$JENKINS_RUN/war --httpPort=$HTTP_PORT --ajp13Port=$AJP_PORT --httpListenAddress=127.0.0.1"

RedHat/CentOS/Amazon Linux

If you installed Jenkins using YUM repository, modify /etc/sysconfig/jenkins and edit JENKINS_LISTEN_ADDRESS to JENKINS_LISTEN_ADDRESS=127.0.0.1

Share:
18,366

Related videos on Youtube

Ludo
Author by

Ludo

Updated on September 17, 2022

Comments

  • Ludo
    Ludo almost 2 years

    I have Jenkins sitting behind Nginx, with Nginx taking care of authentication, but Jenkins is still listening on port 8080 externally, so by accessing the box on port 8080 people can bypass Nginx.

    How can I tell it to stop listening for remote connections and just accept connections locally?

    It looks like it might be something to do with this ajp13ListenAddress param, but I can't figure out how to set that in the init.d script installed with Jenkins.

    Thanks loads for any help!

    Ludo.

    (Looks like there's no Jenkins tag yet and I can't create it as I don't have rep)

    • davey
      davey over 13 years
      Just added jenkins tag.
    • Tom O'Connor
      Tom O'Connor over 13 years
      This is why I tend to deploy Hudson/Jenkins inside Tomcat..
    • pboin
      pboin over 13 years
      Commenting, because I can't directly answer your question. Have you considered mitigating by using iptables and/or tcpwrappers?
  • Leogout
    Leogout over 2 years
    If like me you are in the third case but you are also using HTTPS, it's JENKINS_HTTPS_LISTEN_ADDRESS that you want to set to 127.0.0.1

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to configure Jenkins to run on port 80
How to add some prebuild steps to jenkins?
Copy generated folder from one job to another in Hudson/Jenkins
How to configure Jenkins to send emails?
Jenkins can't access shell alias
Jenkins: Running remote test scripts and reporting results
Need Step by Step Guide to execute the Jmeter Scripts in Jenkins (with Hudson build) over Ubuntu
Where is JENKINS_HOME in windows?
Can I mass edit jenkins jobs by modifying the config.xml files?
Configure Hudson to only execute Build or Post Build actions if changes in SVN are detected