As someone answered a similar question of mine yesterday, you can use valves to deny access to these apps. Then you have the safety backup of not removing them, in case you *might* need them later, but you just deny all access to it.
See the Tomcat docs (if you haven't deleted it yet!) for details. --- Jonathan Locke <[EMAIL PROTECTED]> wrote: > > maybe this is already covered on the tomcat website > or in some FAQ, > but i can't seem to find the answer i'm looking > for... > > i want to turn off all the tomcat administration > tools (manager, admin, etc) > and the html documentation that's available through > the root context... > reason > being that the machine is never updated or > maintained via these tools and > so (even though they have a password) the management > apps are just a > potential security issue. how exactly should i go > about this? > > thanks, > > jon > > > > > _________________________________________________ > Scanned on 30 Dec 2003 00:26:36 > Scanning by http://erado.com > > > _________________________________________________ > Scanned on 30 Dec 2003 00:26:37 > Scanning by http://erado.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: > [EMAIL PROTECTED] > For additional commands, e-mail: > [EMAIL PROTECTED] > __________________________________ Do you Yahoo!? Find out what made the Top Yahoo! Searches of 2003 http://search.yahoo.com/top2003 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
