> From: fredk2 [mailto:fre...@gmail.com]
> I would be better...The apache httpd web server is more
> versatile
Irrelevant to this problem.
> and its vulnerabilities are better researched.
References for that assertion? I'm not disagreeing, I'd just be interested in
the hard data.
> You can also add
> mod_security and
> other modules to further protect the Tomcat against common
> attacks (assuming you do not use a WAF firewall).
And, indeed, that Apache + mod_security + mod_jk + Tomcat has fewer
vulnerabilities than just Tomcat.
> Furthermore you can add more Tomcats and
> balance when needed...
Irrelevant to this problem, though I agree with you in the general case.
> also on unix if you do not use jsvc or
> iptable you
> need to run tomcat as root for port 80 which is not a good
> idea...etc...
True, but that's like saying "if you do not have a lock on your front door,
your front door will not be locked which is not a good idea." Why would anyone
*not* run using jsvc or iptables?
- Peter
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
