/etc/hosts.deny ignored in Ubuntu 14.04
- by Matt
I have Apache2 running on Ubuntu 14.04LTS. To begin securing network access to the machine, I want to start by blocking everything, then make specific allow statements for specific subnets to browse to sites hosted in Apache.
The Ubuntu Server is installed with no packages selected during install, the only packages added after install are: apt-get update; apt-get install apache2, php5 (with additional php5-modules), openssh-server, mysql-client
Following are my /etc/hosts.deny & /etc/hosts.allow settings:
/etc/hosts.deny
ALL:ALL
/etc/hosts.allow has no allow entries at all.
I would expect all network protocols to be denied. The symptom is that I can still web browse to sites hosted on the Apache web server even though there is a deny all statement in /etc/hosts.deny
The system was rebooted after the deny entry was added.
Why would /etc/hosts.deny with ALL:ALL be ignored and allow http browsing to sites hosted on the apache web server?