April 20, 2016 07:19AM
I have a Tomcat server serving a web application and I have a Nginx server running in front of it as a reverse proxy. Both the servers are on Intranet, in the same domain network. The issue I am facing is, the tomcat server is accessible through both IP addresses - if I use the Nginx IP, it redirects to the Tomcat FQDN (expected) but if I ping using the FQDN tomcat.domain.com, it reveals the real IP of the Tomcat server and not that of Nginx server. Effectively, my Nginx server is not serving any purpose. I was suggested to firewall the Tomcat instance, but based on my findings from different forums, limiting Tomcat to listen to localhost seemed to be the way to go. In order to prevent Tomcat from listening to other IPs, I added "address=" to the connector configuration. The entire connector block is like this -

<Connector port="8080"

In the Nginx server, I have these lines for the server configuration.

server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;

server_name <FQDN>;
location / {
proxy_pass <FQDN>;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
Now, if I try to use the FQDN to access the web application, Chrome reports ERR_CONNECTION_REFUSED. My Nginx configuration seems to be the culprit based on what I understood. How can it be corrected?
Subject Author Posted

Making Tomcat accessible only through nginx reverse proxy

gischethans April 20, 2016 07:19AM

Re: Making Tomcat accessible only through nginx reverse proxy

Francis Daly April 20, 2016 02:20PM

Re: Making Tomcat accessible only through nginx reverse proxy

ron ramos April 25, 2016 10:08PM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 274
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready