tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <>
Subject Re: Stop Hack attack
Date Fri, 03 Oct 2008 09:22:09 GMT
Karthik Nanjangude wrote:
> Hi
> SPEC ( Single box)
> O/s : Unix 11
> J2sdk  : 1.6
> DB : Oracle10g
> RAM  16 GB
> A normal WEB application [ User id / Passwd for AAA ] on the following spec  is successfully
running LIVE  [  non  clustered mode  ]
> Question :  Some hacker is trying to bring the System down by polling the sending continuous
 HTTP request  very frequently [ We logged the client IP  address],
>                  The WEB application cannot be configured to HTTPS (Client disapproval)
>                  Is there any way within tomcat design to prevent the same from malicious

You can limit the impact on Tomcat by blocking them with a Remote Address
Filter (

However, the earlier you can block them the better. If you can block that
IP at a firewall before they get to your box that would be better. Failing
that block the IP with iptables (or the equivalent on your platform) on the



To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message