how to disable unencrypted traffic(port 80) on lighttpd
How about, commenting out
# /etc/rc.d/lighttpd start
Or, you could comment out the fastcgi.server
lines in
/etc/lighttpd/lighttpd.conf
Ok, this is the reference I was looking for, are you using these things?
I think the bottom line is, if you just make the server.port
443
and
remove the port 80 config entirely instead of a redirect, the server would respond only on 443.
Comments
-
hayalci over 1 year
We want to run an SSL only lighttpd process. Which configuration option should be used to turn off port 80 with its unencrypted traffic ?
Lighttpd documents only provide a "redirection" to https traffic, but we want a complete silence on port 80. We want to keep lighttpd listening only on 443 for encrypted(https) traffic.
Update [Solution]
Setting only "
server.port = 443
" does not help. SSL config was :$SERVER["socket"] == "0.0.0.0:443" { ssl.engine = "enable" ssl.pemfile = "/etc/cert.pem" }
That gave the error.
can't bind to port: 0.0.0.0 443 Address already in use
Removing the conditional SSL altogether solved the issue, the config became:
server.port = 443 ssl.engine = "enable" ssl.pemfile = "myweb.pem"
-
hayalci almost 15 yearswe want to disable http traffic and keep only https traffic. We are not even using fastcgi or php.
-
nik almost 15 yearsAn
iptables
trick should also stop incoming port-80 traffic. Unless, you want to run something else there. -
nik almost 15 yearsOk, then does the last part I just added work on your configuration?