Make Jenkins invisible to remote users
I have a Jenkins server on my local windows device, but I want to make it invisible to the outside world (office rules regarding servers). The obvious and insecure way that works satisfactorily is to set up a firewall rule to block inbound access to its port, but I believe there should be Jenkins setup to stop advertising its services to anyone other than local. Can anyone tell me if there is?
Note that setting up user credentials is not a valid solution because a server that is visible but inaccessible without login still violates office rules.
source to share
From Launching and Accessing Jenkins, you need --httpListenAddress=127.0.0.1
the command line parameter:
- httpListenAddress = $ HTTP_HOST - Binds Jenkins to the IP address represented by $ HTTP_HOST. The default is 0.0.0.0 - that is, listening on all available interfaces. For example, to listen for requests from localhost only, you can use: --httpListenAddress = 127.0.0.1
If you start your Jenkins as a windows service, you can extend the command line arguments in a file jenkins.xml
in the Jenkins home directory.
A similar answer (for Linux-centric platforms) on ServerFault.
source to share