View All Products
Compute
Storage
Databases
Networking
Developer Tools
Delivery
Security
Services
Industries
Pricing
Community
Engage With Us
Community Questions hosts.allow in arch linux
Log in to Ask a Question

hosts.allow in arch linux

networking

So I've been using Debian up until now, when I decided to try out Arch Linux. Loving it so far, but there's something I'm wondering about. When I installed lighttpd via pacman, I couldn't connect to my webpage from the outside, but it worked from localhost. When I added "lighttpd: ALL" to the hosts.allow file, I could connect to it from the outside. I've never had to do this with Debian. Why? Also, sshd isn't in the hosts.allow but I can still connect through ssh. Is there a way to disable this?

8 Replies

You might want to take a look at /etc/hosts.deny. By default, it is set

up to deny all incoming connections which is why you have to add

exceptions to /etc/hosts.allow. Also check out man 5 hosts_access.

I see, thanks for the response. When I took a look in hosts.deny, it was empty. Is it supposed to be this way? Can I disable this "feature"?

You could put ALL: ALL: ALLOW in your /etc/hosts.allow to allow all incoming connections.

I read the man and it just said that the hosts.deny could be empty and if it is, the connections will be allowed. This goes against what really happened, so now I'm kind of confused. So by default all connections are rejected even though hosts.deny is empty?

If the manpage says that if /etc/hosts.deny is empty all connections will be allowed, then it is probably so. Maybe something else was blocking your connections?

Hm that what I'd like to think but when I added lighttpd to my hosts.allow it worked.

I recall recently reading an article* discussing this issue and noting differences in behavior between distributions. In some cases this was correctly documented in the relevant man page, but in some it wasn't. There were also mysterious references to a system-wide setting that the author couldn't validate.

In short, your man page might be wrong on this point.

*Sadly, my Google-fu is failing, as I can't locate it again. Perhaps it was all a dream…

Thanks, that makes things clearer. :) Is there a way I can just disable this entire hosts.allow/hosts.deny thing?

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Log in to Reply
Community Code of Conduct