On 09/07/2010 15:38, Johan Martinez wrote: > Hi, > > I need to allow public internet access to my tomcat server / web > application. Although it would be restricted to set of trusted IPs > initially, later it may need to be open for public access. Is there any > guide for securing tomcat setup or steps needed before allowing public > access. Right now the only change I have made is changing default > tomcat-users.xml file used for authentication. Any other suggestions or > comments? > > System: CentOS 5.4, Sun JDK 1.5, Tomcat 5.5.28 running on 8080 port, also > accessible through port 80 using AJP.
Upgrade to 5.5.30. Upgrade to a supported JDK. >From Tomcat 7 but most stuff translates: http://tomcat.apache.org/tomcat-7.0-doc/security-howto.html Mark --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
