tomcat-users mailing list archives

From "Esmond Pitt" <esmond.p...@bigpond.com>
Subject RE: Tomcat access log reveals hack attempt: "HEAD /manager/html HTTP/1.0" 404
Date Sun, 21 Apr 2013 23:50:36 GMT
The hack attempts that started this thread aren't denial of service attacks
at all. They are attempted penetration attempts which if successful lead to
installation of a viral servlet. The way I fixed them was to put an Apache
HTTPD in front with a whitelist so that only known management IP addresses
can even connect to /manager, let alone access it. Apache HTTPD doesn't give
a 404, it just closes the connection. No exposure, no wasted threads, no
wasted sockets, nothing.

EJP
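
An added example, not part of the original message: a Python audit of an access log for `/manager` requests like the one in the subject line, checked against a management allowlist of the kind the message describes. The allowlist network, the function names and the sample log lines are constructed assumptions, and the log is assumed to record the real client address.

```python
import ipaddress
import posixpath
import re
from collections import Counter
from urllib.parse import unquote

# Assumption: management network allowed to reach /manager (documentation range).
MGMT_ALLOWLIST = [ipaddress.ip_network("192.0.2.0/28")]

# Common log format: client, ident, user, [time], "request", status, bytes.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+)[^"]*" (?P<status>\d{3}) ')

# Constructed sample lines, not taken from the thread.
SAMPLE_LOG = """\
203.0.113.7 - - [21/Apr/2013:10:01:02 +0000] "HEAD /manager/html HTTP/1.0" 404 -
203.0.113.7 - - [21/Apr/2013:10:01:03 +0000] "GET //manager/./html HTTP/1.0" 404 -
198.51.100.9 - - [21/Apr/2013:10:05:40 +0000] "GET /%6danager/html HTTP/1.1" 401 2474
192.0.2.5 - admin [21/Apr/2013:10:07:11 +0000] "GET /manager/html HTTP/1.1" 200 15120
198.51.100.9 - - [21/Apr/2013:10:09:00 +0000] "GET /index.jsp HTTP/1.1" 200 512
"""

def is_manager_path(target):
    # Drop the query, percent-decode, collapse // and /./ so variants match too.
    path = unquote(target.split("?", 1)[0])
    path = posixpath.normpath(re.sub(r"/+", "/", path))
    return path == "/manager" or path.startswith("/manager/")

def audit(log_text, allowlist=MGMT_ALLOWLIST):
    probes = Counter()  # source IP -> /manager requests from outside the allowlist
    exposed = []        # (ip, status) where an outsider got something other than 403/404
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not is_manager_path(m["target"]):
            continue
        try:
            src = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # a hostname was logged instead of an address; skipped here
        if any(src in net for net in allowlist):
            continue
        probes[m["ip"]] += 1
        if m["status"] not in ("403", "404"):
            exposed.append((m["ip"], int(m["status"])))
    return probes, exposed

if __name__ == "__main__":
    probes, exposed = audit(SAMPLE_LOG)
    print("probes by source:", dict(probes), "| reachable from outside:", exposed)
```

Any entry in the second list means the manager application answered a client outside the allowlist, for example with a 401 login challenge.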

