A standard Tomcat installation starts the webserver on port 8080 – which is usually not the desired behavior. In order to change the server to port 80 there are two options which I outline in the following:
Recommended: redirect traffic to 8080
Tomcat continues to listen on port 8080 (and 8443 for https). The traffic is redirected by iptables.
You don’t need to change anything in Tomcat itself, just add according Iptables-Forwarding rules. Actually this looks more complicated than the alternative – but it is the more secure way and you do not need to touch Tomcat’s config.
# check that rules are not there already sudo iptables -L -n -t nat # Add rules sudo iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 8080 sudo iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8443 # Check sudo iptables -L -n -t nat # Save sudo /service iptables save # Restart iptables sudo /etc/init.diptables restart # final check sudo iptables -L -n -t nat
Option2: run Tomcat directly on port 80
This configures to run Tomcat directly on port 80. As this is a priviledged port, Tomcat must run as root – this is usually not recommended.
The advantage: It’s simple!
The disadvantage: A webserver shouldn’t run as root.If you want to do this nevertheless, edit /etc/tomcat7/server.xml and change the connector port from 8080 to just 80:
<Connector port="<del>80</del>80" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" />
Now edit /etc/tomcat7/tomcat7.conf and set the tomcat user to root:
TOMCAT_USER="root"
And restart Tomcat:
sudo service tomcat7 restart