A number of HTTP and HTTPS ports must be available when installing Hybrid Data Pipeline on a Linux host. After installation, you may disable HTTP ports to improve security by running the disable_http.sh script on nodes running Hybrid Data Pipeline. The script should only be run when Hybrid Data Pipeline is running on a single Linux node without a load balancer.

Note:
  • The disable_http.sh script does not need to be run when Hybrid Data Pipeline is running on one or more nodes behind a load balancer because the enable_ssl.sh script closes HTTP ports as well as enables server-side SSL.
  • If the disable_http.sh script is run in other scenarios, such as a load balancer deployment where server-side SSL is not enabled, Hybrid Data Pipeline may not run or function as intended.

Take the following steps to disable HTTP ports that are not in use by the server.

  1. Upgrade to the latest version of the server.
  2. Navigate to the disable_http.sh script:

    install_dir/ddcloud/disable_http.sh where install_dir is the installation directory of the Hybrid Data Pipeline server.

  3. Run the disable_http.sh script.
    Note: Running the disable_http.sh restarts the server.
  4. Repeat steps 1-3 for each node running the server.

Result:

The following ports have been disabled for the Hybrid Data Pipeline deployment:

  • Server Access HTTP Port
  • Internal API HTTP Port
  • Notification Server non-SSL TCP Port