Yes for static, but what about port 80? John
> Dangerous. > > You should run tomcat as a non-root user, no login, no shell. The reason > Apache is involved is because we want Apache to serve static pages. > > -----Original Message----- > From: Mike Millson [mailto:[EMAIL PROTECTED] > Sent: October 14, 2004 9:58 AM > To: Tomcat Users List > Subject: Re: mod_jk2 Ready/Recommended For Production? > > > On Thu, 2004-10-14 at 05:56, Antony Paul wrote: >> Do you mean Apache dont have any security holes. I dont know about >> hacking a system. But in terms of security Tomcat is far better than >> Apache since it dont have any security vulnerabilities. >> > > But if you run tomcat standalone, you have to run tomcat as root. Apache > does not run as root, so if you run Apache in front of tomcat, you can > avoid > exposing the root account. > > Mike > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > !DSPAM:416e85e7242988496385758! > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
