Missed Team ’24? Catch up on announcements here.

×
Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

closing the tomcat shutdown port 8005?

Daniel G.
Daniel G. October 19, 2018

In my config files of dockerised Jira and Confluence, I have found "SHUTDOWN_PORT=8005" (along with standard 8080). I was wondering, what actuall consequences would I have if I close this port or simply do not expose it?
Would it have some consequences on the overall stability of the pod during running or shutting down?

Answer
Watch
Like Be the first to like this
11087 views

2 answers

1 accepted

1 vote
Answer accepted
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 19, 2018

The shutdown port is expected to be open, but only really needs to be accessible from the machine running Tomcat.  It does not need to be accessible to outside addresses in most cases.   If you close it off entirely, you can do that by not listing any port number at all, then the shutdown scripts used to try to shutdown the instance are likely to be unable to cleanly stop the process.  Depending on what is happening in the process at that time, it is possible that you could have some kind of data loss, or index corruption, etc during shutdown.

I think the better solution would be to only expose that port to the localhost / loopback address.  That way the server running jira can still shutdown cleanly, but you won't get shutdown attempts from other interfaces. 

I also found this site that offers some other ideas about securing the shutdown port, check out https://www.owasp.org/index.php/Securing_tomcat#Protecting_the_Shutdown_Port as it might be of interest here.

View More Comments
Daniel G.
Daniel G. October 22, 2018

Thank you Andrew for such a nice answer!

Like
Andy Heinzer
Andy Heinzer
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
October 22, 2018

Happy to help.  If this answered your question, please click the Accept Answer button on this post.  That way should other users search for this topic in the future, this issue will be prefaced with a 'solved:' headline that can help search results find this topic more easily.

Like
Reply
0 votes
JP _AC Bielefeld Leader_
JP _AC Bielefeld Leader_
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Get recognized
October 20, 2018

Hi,

one should add that you can define a command name string to shutdown Tomcat.

You might want to check:

https://tomcat.apache.org/tomcat-9.0-doc/config/server.html

Best

JP

Reply

Suggest an answer

Log in or Sign up to answer
Jira
Jira
TAGS
AUG Leaders

Atlassian Community Events

    See all events