0

On Ubuntu, Nginx apparently listens on all of the IPs in 127.0.0.0/8. How can I disable listening on 127.0.0.0 and 127.0.0.2127.255.255.255? That is, the only IPv4 loopback address that I want Nginx to listen on is 127.0.0.1. Answers to this question should not affect Nginx listening on any other IP addresses (e.g., the server's LAN and WAN addresses).

Stop nginx listening on all IPs? is a related question, but this question is specific to disabling Nginx on the loopback interfaces only without limiting it to a single listening IP.

Ben Zelnick
  • 103
  • 4

1 Answers1

2

Did you read the official documentation on the listen directive? Or the documentation on How nginx processes a request?

Syntax: listen address[:port] [default_server] [ssl] [http2 | quic] [proxy_protocol] [setfib=number] [fastopen=number] [backlog=number] [rcvbuf=size] [sndbuf=size] [accept_filter=filter] [deferred] [bind] [ipv6only=on|off] [reuseport] [so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]];

So

server {
    listen 127.0.0.1:80;     # loopback
    listen 192.168.1.100:80; # LAN
    listen 192.0.2.3:80;     # WAN
}

or

server {
    listen 127.0.0.1;     # loopback
    listen 192.168.1.100; # LAN
    listen 192.0.2.3;     # WAN
}

because

If only address is given, the port 80 is used.

Esa Jokinen
  • 46,944
  • 3
  • 83
  • 129
  • If I write `listen 127.0.0.1:80;` or `listen 127.0.0.1;`, then that will make my server inaccessible from other machines. As I wrote in my question, I'd just like to *disable* listening on some of the loopback addresses, not *enable* listening on one of them. – Ben Zelnick Jul 02 '23 at 20:42
  • 2
    then `listen` on only the address**es** you want to listen on? – Jaromanda X Jul 02 '23 at 23:58