tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Len Popp" <len.p...@gmail.com>
Subject Re: Server Security
Date Wed, 25 Jul 2007 17:37:03 GMT
Yes, you can run Tomcat on port 80. Some OS's (Linux, UNIX) require
the process to have root privs to use port 80.

Most important is to keep your OS and Tomcat up to date and use a
firewall - standard advice for connecting any computer to the
internet.

The fortunate thing that I've noticed is that there are very few
attempts to exploit security holes in Tomcat or the Apache web server.
The exploits I've seen in my web logs are targeted at IIS, PHP and
other things. There are security holes in Tomcat and Apache
(obviously, because they keep releasing patches for them) but no-one
seems to bother trying to exploit them. And it's unlikely that the bad
guys will even notice your custom web app (although you should still
eliminate any vulnerabilities that you can of course).
-- 
Len


On 7/25/07, Michael McQuade <m.mcquade@sympatico.ca> wrote:
> Ummmm, also, can Tomcat be run on Port 80?
>
>
> ----- Original Message -----
> From: "Michael McQuade" <m.mcquade@sympatico.ca>
> To: "Tomcat Users List" <users@tomcat.apache.org>
> Sent: Wednesday, July 25, 2007 11:38 AM
> Subject: Server Security
>
>
> Hi folks, hope someone can offer me a little bit of advice.....  Im running
> Tomcat 5.0.28 on a home server....  I want to allow people to look at a
> product I'm developing over the web....  But I am worried about my server
> being hacked....  Can anyone offer me some tips on how to protect it.....
> I'm not very network saavy.....  Thank-You in advance....
>
> Mike
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message