Correct way to disable initial 8080 port?

I might miss some point here. I just set nginx as reverse proxy on my openhab instance, with htpasswd authentication on top of it. Next part of it will be https with Let’s Encrypt.

My question is : now my reverse proxy is working, how can I properly block direct connections to (in my case) original 8080 port? Should I use regular ip table filter for this, or is there any Jetty configuration to do so?

Thanks for your replies !

To stop openHAB listening to anything other than localhost, see the docs on access control.