I have a bare-bones install of jenkins on my Ubuntu server that I installed using just sudo apt-get install jenkins, as a result, jenkins is now accessible from all the domains that point to my box by simply adding :8080 on the the URL.
I have successfully configured apache to proxy jenkins to I can access it from ci.mydomain.com, but I cannot work out how to prevent jenkins from being accessible on port 8080.
Here is my apache conf:
<VirtualHost xx.xx.xx.xx:80>
ServerAdmin me@mydomain.com
ServerName ci.mydomain.com
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
ProxyRequests Off
<Proxy http://localhost:8080/*>
Order deny,allow
Allow from all
</Proxy>
</VirtualHost>
I've followed the Ubuntu instructions here, but they didn't seem to have any effect.
You can use iptables since it's Ubuntu, to block all non-local access to port 8080.
iptables -A INPUT -p tcp --dport 8080 -s localhost -j ACCEPT
iptables -A INPUT -p tcp --dport 8080 -j DROP