Re: [OT] Re: What exactly does the AJP connector on 8009 do?

2021-04-06 Thread James H. H. Lampert
On 4/6/21 9:11 AM, Olaf Kock wrote: *Everybody* has a dedicated testing system. Always! *Some* are lucky that they have a completely separate production system. We expect disk drives to fail. So we plan for it, using some form of RAID (full mirroring in my case). And so the power supply

Re: [OT] Re: What exactly does the AJP connector on 8009 do?

2021-04-06 Thread Christopher Schultz
Olaf, On 4/6/21 12:11, Olaf Kock wrote: On 06.04.21 11:53, André Warnier (tomcat/perl) wrote: Shortcut : - comment-out the AJP Connector in the tomcat configuration - restart tomcat - and wait for desperate support calls That reminds me of the common wisdom in System Administration:

[OT] Re: What exactly does the AJP connector on 8009 do?

2021-04-06 Thread Olaf Kock
On 06.04.21 11:53, André Warnier (tomcat/perl) wrote: > > Shortcut : > - comment-out the AJP Connector in the tomcat configuration > - restart tomcat > - and wait for desperate support calls > That reminds me of the common wisdom in System Administration: *Everybody* has a dedicated testing

Re: What exactly does the AJP connector on 8009 do?

2021-04-06 Thread Christopher Schultz
André, On 4/6/21 05:53, André Warnier (tomcat/perl) wrote: On 06.04.2021 00:45, James H. H. Lampert wrote: On 4/5/21 1:22 PM, Christopher Schultz wrote: If you are not running a reverse-proxy in front of Tomcat, then it does absolutely nothing for you. If you *are* running a reverse-proxy

Re: What exactly does the AJP connector on 8009 do?

2021-04-06 Thread Konstantin Kolinko
пн, 5 апр. 2021 г. в 21:59, James H. H. Lampert : > > We've just gotten a complaint about a vulnerability involving AJP (to > something called "Ghostcat") from a customer. The report from the > security consultant recommends updating to a more recent version of > Tomcat, and I note that we've

Re: What exactly does the AJP connector on 8009 do?

2021-04-06 Thread tomcat/perl
On 06.04.2021 00:45, James H. H. Lampert wrote: On 4/5/21 1:22 PM, Christopher Schultz wrote: If you are not running a reverse-proxy in front of Tomcat, then it does absolutely nothing for you. If you *are* running a reverse-proxy in front of Tomcat, then it *may* do something for you,

Re: What exactly does the AJP connector on 8009 do?

2021-04-05 Thread James H. H. Lampert
On 4/5/21 1:22 PM, Christopher Schultz wrote: If you are not running a reverse-proxy in front of Tomcat, then it does absolutely nothing for you. If you *are* running a reverse-proxy in front of Tomcat, then it *may* do something for you, depending upon what software you are using and what

Re: What exactly does the AJP connector on 8009 do?

2021-04-05 Thread Christopher Schultz
James, On 4/5/21 14:58, James H. H. Lampert wrote: We've just gotten a complaint about a vulnerability involving AJP (to something called "Ghostcat") from a customer. The report from the security consultant recommends updating to a more recent version of Tomcat, and I note that we've already