On 03/09/2010 16:01, Caldarale, Charles R wrote:
>> From: Pid [mailto:pid@pidster.com]=20
>> Subject: Re: Unexpected errors after opening port 80
>=20
>> How does this have any bearing on a firewall port being=20
>> opening and some database errors?
>=20
> It's possible that opening port 80 has enabled a much larger set of att=
acks to get through the firewall now, and make it to the back end. If th=
e webapps under Tomcat should be accessible only via HTTPS, they should h=
ave a <transport-guarantee> setting of CONFIDENTIAL in their WEB-INF/web.=
xml files; this will stop all regular HTTP requests dead in their tracks.=
(Or you could just remove the port 80 <Connector>.) If you want to kee=
p port 80 open for in-house use, you can add a valve to insure that only =
known IP addresses come through that door.
Fair point.
p
> - Chuck
>=20
>=20
> THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETAR=
Y MATERIAL and is thus for use only by the intended recipient. If you rec=
eived this in error, please contact the sender and delete the e-mail and =
its attachments from all computers.
>=20
>=20
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>=20
|