tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Caldarale, Charles R" <Chuck.Caldar...@unisys.com>
Subject RE: redirection
Date Wed, 01 Apr 2009 14:12:58 GMT
> From: fredk2 [mailto:fredk2@gmail.com]
> Subject: RE: redirection
> 
> The apache httpd web server is more versatile 

Additional versatility is worthless if not needed; from a security perspective it merely provides
more opportunities for abuse.

> its vulnerabilities are better researched

Evidence, please?  Just because httpd has been around longer does not necessarily mean it
is more secure.  Besides, since the previously suggested arrangement was to forward all requests
to Tomcat, httpd security is of no interest.

> (assuming you do not use a WAF firewall)

If you're not using a firewall, you're simply asking for trouble.

> Furthermore you can add more Tomcats and balance when needed

Performance was not a topic of discussion; even if it were, there are much superior load balancers
available (although they do have a cost).

> on unix if you do not use jsvc or iptable you need to run 
> tomcat as root for port 80 which is not a good idea

No one ever suggested running Tomcat as root.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus
for use only by the intended recipient. If you received this in error, please contact the
sender and delete the e-mail and its attachments from all computers.



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message