You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@nifi.apache.org by "Nathan Gough (Jira)" <ji...@apache.org> on 2020/02/14 18:35:00 UTC
[jira] [Commented] (NIFI-7151) Investigate if NiFi is listening on
loopback address
[ https://issues.apache.org/jira/browse/NIFI-7151?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17037191#comment-17037191 ]
Nathan Gough commented on NIFI-7151:
------------------------------------
When I list LISTENING ports when NiFi is running in secured mode (configured with truststore/keystore and using nifi.web.https.host and nifi.web.https.port), I do not see a port at which the NiFi UI is running.
I am using
{code:java}
lsof -nP -iTCP | grep LISTEN{code}
and
{code:java}
netstat -an | grep LISTEN{code}
on MacOS 10.14.6
I do see port listening *.8000, which is the debug port configured in bootstrap.conf. This could be confused with a running insecure NiFi UI. In a production environment, the debug port should be disabled.
I do not believe a secured NiFi instance will open insecure ports as reported.
> Investigate if NiFi is listening on loopback address
> ----------------------------------------------------
>
> Key: NIFI-7151
> URL: https://issues.apache.org/jira/browse/NIFI-7151
> Project: Apache NiFi
> Issue Type: Task
> Components: Security
> Reporter: Nathan Gough
> Assignee: Nathan Gough
> Priority: Minor
>
> It was reported that NiFi listens to a HTTP port on loopback interface or all interfaces when NiFi is running in secured mode (HTTPS port and host configured).
> Investigate if a secured NiFi opens HTTP ports.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)