I would only use Apache if you had to...Tomcat should be fine for most uses.
"Better" is relative.
John
On Wed, 18 Jun 2003 17:39:16 +0100, Kevin Passey <[EMAIL PROTECTED]> wrote:
John thanks for that - I think it is about time I upgraded anyway.
I have tried it and it comes up with a blank page in the editor - so I'm not
too worried.
Would you say it was better to run tomcat behind apache - the server in
question only runs JSP all my static stuff is served by my ISP. I would not
prefer the hassle of plugging in apache if I don't have to.
Regards
Kevin -----Original Message----- From: John Turner [mailto:[EMAIL PROTECTED] Sent: 18 June 2003 17:14 To: Tomcat Users List Subject: Re: Best versions - of Tomcat to run with apache
I've never heard of that vulnerability. Have you tried it? Have you checked the security lists to confirm?
If memory serves, it wasn't known as of 4.1.18 when the "Apache Tomcat Security Handbook" from Wrox Press was published.
John
On Wed, 18 Jun 2003 16:37:22 +0100, Kevin Passey <[EMAIL PROTECTED]> wrote:
Hi,
Yes I've done the apache/tomcat/mod_jk2 and it works fine.
The reason I wanted to do this is because I was using nessus to scan my web
server and it reports a vulnerability it TOMCAT 4.1.12 which allows someone
to retrieve any file on your system by putting ../../ in front of the file
name. It recommends to use another web server - yeah right - .
So I thought if I put apache in front of it - running tomcat in process that
would cure it.
Thanks anyway.
Kevin -----Original Message----- From: Shapira, Yoav [mailto:[EMAIL PROTECTED] Sent: 18 June 2003 16:29 To: Tomcat Users List Subject: RE: Best versions - of Tomcat to run with apache
Howdy, I did the standard apache2 - tomcat mod_jk configuration once, just to try it out. But I run tomcat standalone, including in production, as I find its performance more than adequate and don't need any apache features.
Yoav Shapira Millennium ChemInformatics
or-----Original Message----- From: Kevin Passey [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 11:27 AM To: 'Tomcat Users List' Subject: RE: Best versions - of Tomcat to run with apache
Hi Yoav,
I know that - I want to load it on a RH7.2 box with apache using mod_jk2.you do
Have you ever configured tomcat to run "in-process" with apache. Allis start apache and it calls tomcat when and if it needs it.apache2
I'm on the verge of getting the latest 4.1.24 rpms and the latestrpms and just installing the whole lot.to
What I wondered was - if there were ony compatibility issues between tomcat(latest) and apache2 running mod_jk2.
Thanks anyway + regards
Kevin -----Original Message----- From: Shapira, Yoav [mailto:[EMAIL PROTECTED] Sent: 18 June 2003 16:14 To: Tomcat Users List Subject: RE: Best versions - of Tomcat to run with apache
Howdy, The latest stable release, 4.1.24.
Yoav Shapira Millennium ChemInformatics
apache-----Original Message----- From: Kevin Passey [mailto:[EMAIL PROTECTED] Sent: Wednesday, June 18, 2003 11:14 AM To: Tomcat (E-mail) Subject: Best versions - of Tomcat to run with apache
Hi,
Can anybody tell me the best version of Tomcat that will run withusing say mod_jk or mod_jk2.
Thanks
Kevin Passey Tel +44(0)1273 712830 http://www.kdpsoftware.co.uk http://www.freeas400software.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s)whom it is addressed, and may not be saved, copied, printed, disclosedorused by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
This e-mail, including any attachments, is a confidential business
communication, and may contain information that is confidential, proprietary
and/or privileged. This e-mail is intended only for the individual(s) to
whom it is addressed, and may not be saved, copied, printed, disclosed or
used by anyone else. If you are not the(an) intended recipient, please
immediately delete this e-mail from your computer system and notify the
sender. Thank you.
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
