How to block access to Tomcat listening port, and allow localhost only?

Question

I have an application running on Tomcat and listening on port 8080. I made the redirect changes on the Apache level (httpd) to provide my users with the ability to only type

Answer 1

You can block a port using iptables, which is quite secure considering it's on OS level:

iptables -A INPUT/ -p tcp --dport 8080 -j DROP

Or you can comment the 8080 connector in tomcat’s configuration (in server.xml):

Or you can just limit access to localhost (in case you want to use the manager app, etc.):

(don’t forget to restart tomcat afterwards).