tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "epyonne" <>
Subject Tomcat security
Date Thu, 23 Oct 2003 13:05:26 GMT
Hello All,

My web application is currently in System Testing Phase.  I am planning for the production
implementation and I like to get some expert opinion from you all.

We will install Tomcat 4.1.24 on a server which is behind our corporate firewall.  The port
that Tomcat uses, e.g. port 8888, will be open to public due to the fact that this application
will be accessed from our offices all over the world thru the internet.

Now, my question is that, what is the common practice to guard against people accessing the
catalina_home directory?  I plan to install Tomcat on the D drive instead of the C drive where
the OS resides.  Just in case if the Windows OS is compromised, it may or may not affect Tomcat.

Since this is the first time I have application used by people outside our corporate firewall,
I like to hear your thoughts.

Thank you very much.

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message