Hi,

I have searched everywhere but can't figure out how to do this.

Basically, I want to remove the :8080 from my urls so I my portal will be ready for deployment. When I type in http://localhost/ I want to access the portal, rather than typing in http://localhost:8080

How does one do this?

Any advice would be great!

Thanks in advance,

Mike

Provided that you use Apache/Tomcat, the port setting is at $CATALINA_HOME/conf/server.xml. You will need to change the port 8080 to 80.

You may want to also check the "Portal Administrator's Guide" and your server's specific settings before deployment.

if you change the port that coyote is listening (coyote is the tomcat http connector) you are still serving the pages from coyote.
I think is better to put apache web-server behind tomcat and your clients and then use ajp13 protocol (apache mod_jk) to redirect the request from apache to tomcat... you can also turn off the coyote connector.

I agree with Gustavo, changing tomcat to run on port 80 will also force you to run it by the root user. Adding apache in front has a lot of advantages.

Hello,

I found this thread and have one question regarding firewall settings:

I have configured Tomcat being behind Apache2 using the ajp13 (mod_jk) stuff, wasn't too hard at all. Now I want to configure a hardware firewall and ask myself, if I could block port 8080 from outside, since incoming connections go via Apache2 virtual host on port 80.

Does anyone know if port 8080 still needs to be open to public?

Kind regards,

Dansen

switch from mod_jk to mod_proxy
proxypass and proxypassreverse

then block port 8080

Hi Steve,

thanks for the information, it worked!

regards,

...

Just to offer one potentially useless suggestion: although having Apache field requests at port 80 and forwarding them to Tomcat at port 8080 is usually what people do, there's another possibility. On Linux boxes, you can use iptables to redirect requests from port 80 to port 8080. This allows Tomcat to run as non-root on port 8080 and means you don't have to deploy Apache. In my case, the RAM saved on my slice was worth it, not to mention the simpler machine configuration.

I followed this tip to get iptables redirecting the port 80 traffic to port 8080:

http://esupport.marvinsweb.net/index.php?_m=knowledgebase&_a=viewarticle&kbarticleid=138

FWIW,
David

You seem to have already solved your problem, but just for the records, let me add: If nobody from the public accesses port 8080 you don't need it open for the public.

If Apache forwards to port 8080 (i.e. via mod_proxy) and lives on the same server, you can configure the connection to go to 127.0.0.1, which is usually no problem for firewalls - especially not if you're talking about hardware firewalls - I understand that this would be a different box without any knowledge about your webservers notion of 127.0.0.1.

If Apache and (e.g.) Tomcat live on different servers that are not connected through said firewall (e.g. because both are behind the same firewall) you also can block all access to tomcat from the public.

Last: This forum category contains a lot of questions and good answers about mod_jk, mod_proxy and related configuration means to publish liferay sites on port 80 instead of 8080.

Hi,

I still have to have Apache 2 for other reasons, so the port forwarding sounds nice, but I cannot use it here. And yes, the server is behind a hardware (shared) firewall. I also searched the tipps here at Liferay forums but could not find any hint if 8080 can be blocked.

Thanks for the help,

Eric

Hi, Olaf

I want to ask another question about putting Tomcat behind Apache. I active the two modules on Apache to remove the 8080 from the URL.
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
I used to put some big files at apache/htdocs to let download from the url http://localhost/abc.file. But When actived the two modules, all request are now go to tomcat. And I don't know where to put my file and what the URL will be!

Any hints?

Thanks in advance.

li guicheng

You can either configure Liferay to be not on the root context "/", but, for example, on "/portal", so that Apache needs to forward just this URL-path to Liferay. This frees up all the other paths that can be delivered by Apache.

If you use mod_jk and the JkMount directive, note that there's also a JkUnmount (or JkUnMount) directive (are they case-sensitive?), that allows you to name exceptions for the JkMount rules - e.g. "JkUnmount /static" will deliver the URL-path /static/* from Apache