How to bind IntelliJ IDEA random open ports to localhost only?


When I run IntelliJ IDEA 2018.1.6 (Ultimate or Community edition) on macOS, I observe that 3 random ports are open on all network interfaces (eth0, lo, ...). One random port is open by the idea process and the two other ports are open by a different java process launched by IntelliJ IDEA.

I've removed the only plugin I've explicitly installed which is SonarLint.

The debugger which is running on port 63342 is bind to localhost and this can be configured in the Preferences menu.

Here is the relevant part of the output of lsof -i | grep LISTEN :

    idea   3328    orto  187u  IPv4 0x3c332685aa6872fd   0t0  TCP localhost:6942 (LISTEN)
    idea   3328    orto  686u  IPv4 0x3c332685aa623815   0t0  TCP localhost:63342 (LISTEN)
    idea   3328    orto  752u  IPv4 0x3c332685aa676de5   0t0  TCP *:53212 (LISTEN)
    java   3341    orto   33u  IPv6 0x3c332685aa5f899d   0t0  TCP *:61070 (LISTEN)
    java   3341    orto   77u  IPv6 0x3c332685b9885edd   0t0  TCP *:53210 (LISTEN)

As asked, here is the relevant part of ps -ef | grep 3341 (it's a RemoteMavenServer):

/Applications/IntelliJ -d64 -Djava.awt.headless=true -Didea.version==2017.1.1 -Xmx768m -Didea.maven.embedder.version=3.3.9 -Dfile.encoding=UTF-8 -classpath /Applications/IntelliJ org.jetbrains.idea.maven.server.RemoteMavenServer

How to bind these three random open ports to localhost?

P.S.: I am using the macos version.

P.S.2: An issue has been created here:


IntelliJ IDEA doesn't bind any ports on the wildcard interface by default, except for the UDP concurrent licensing check (only for Ultimate). All the ports used for internal needs (Netty library initialization, exclusive folders lock, built-in web server, debugger, compiler/maven/gradle/running process IPC) are open on the localhost ( interface: