The hack attempts that started this thread aren't denial of service attacks at all. They are attempted penetration attempts which if successful lead to installation of a viral servlet. The way I fixed them was to put an Apache HTTPD in front with a whitelist so that only known management IP addresses can even connect to /manager, let alone access it. Apache HTTPD doesn't give a 404, it just closes the connection. No exposure, no wasted threads, no wasted sockets, nothing.
EJP --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org