Author: kkolinko
Date: Fri Apr 17 13:02:33 2015
New Revision: 1674294
URL: http://svn.apache.org/r1674294
Log:
Correct list markup (list elements are <li>, not <ol>)
Modified:
tomcat/trunk/webapps/docs/security-howto.xml
Modified: tomcat/trunk/webapps/docs/security-howto.xml
URL:
http://svn.apache.org/viewvc/tomcat/trunk/webapps/docs/security-howto.xml?rev=1674294&r1=1674293&r2=1674294&view=diff
==============================================================================
--- tomcat/trunk/webapps/docs/security-howto.xml (original)
+++ tomcat/trunk/webapps/docs/security-howto.xml Fri Apr 17 13:02:33 2015
@@ -129,15 +129,15 @@
<p>When deploying a web application that provides management functions for
the Tomcat instance, the following guidelines should be followed:</p>
<ul>
- <ol>Ensure that any users permitted to access the management application
- have strong passwords.</ol>
- <ol>Do not remove the use of the <a
+ <li>Ensure that any users permitted to access the management application
+ have strong passwords.</li>
+ <li>Do not remove the use of the <a
href="config/realm.html#LockOut_Realm_-_org.apache.catalina.realm.LockOutRealm">LockOutRealm</a>
- which prevents brute force attacks against user passwords.</ol>
- <ol>Uncomment the <a
href="config/valve.html#Remote_Address_Filter">RemoteAddrValve</a>
+ which prevents brute force attacks against user passwords.</li>
+ <li>Uncomment the <a
href="config/valve.html#Remote_Address_Filter">RemoteAddrValve</a>
in <code>/META-INF/context.xml</code> which limits access to
localhost. If remote access is required, limit it to specific IP
- addresses using this valve.</ol>
+ addresses using this valve.</li>
</ul>
</subsection>
</section>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
