Appian Community
Site
Search
Sign In/Register
Site
Search
User
DISCUSS
LEARN
SUCCESS
SUPPORT
Documentation
AppMarket
More
Cancel
I'm looking for ...
State
Not Answered
Replies
2 replies
Subscribers
9 subscribers
Views
1136 views
Users
0 members are here
Share
More
Cancel
Related Discussions
Home
»
Discussions
»
Administration
I am not a JBoss expert so hope you can help me out. Part of the required confi
jasonc248
over 9 years ago
I am not a JBoss expert so hope you can help me out. Part of the required configuation in Appian 7.2 Jboss setup is below. What are say the consequences if we have it local host 127.0.0.1? We are just attempting to make our server more secure and standard with regards to our security folks. The setting in question I copied below.
Allow Public Access
To allow access from bindings other than localhost find the following code in <JBOSS_EAP_HOME>/standalone/configuration/standalone.xml:
<interface name="public">
<inet-address value="${jboss.bind.address:127.0.0.1}"/>
</interface>
Replace 127.0.0.1 with 0.0.0.0.
Once set, any socket binding associated with the public interface will now be accessible from any IP address.
...
OriginalPostID-116854
OriginalPostID-116854
Discussion posts and replies are publicly visible
Parents
0
Stefan Helzle
A Score Level 3
over 9 years ago
If you bind JBoss to the local interface (127.0.0.1) your Appian Installation would be accessible from that system only. That is OK for a small development system, but not for a client server setup.
At my current client the security dept. is doing an audit on the system to find any open ports and try to penetrate them. A running JBoss has some open ports for RMI and monitoring. When you lock down any open ports on the system except HTTPS you should be fairly safe. Maybe you contact professional services for more detailed info on this topic.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
Reply
0
Stefan Helzle
A Score Level 3
over 9 years ago
If you bind JBoss to the local interface (127.0.0.1) your Appian Installation would be accessible from that system only. That is OK for a small development system, but not for a client server setup.
At my current client the security dept. is doing an audit on the system to find any open ports and try to penetrate them. A running JBoss has some open ports for RMI and monitoring. When you lock down any open ports on the system except HTTPS you should be fairly safe. Maybe you contact professional services for more detailed info on this topic.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
Children
No Data