By Date:	<-- -->
By Thread:	<-- -->

[no subject]

If you enable the manager/admin follow practices for complex passwords.
Do not enable the invoker servlet.

For further reading:
http://tomcat.apache.org/faq/security.html

Doug


----- Original Message ----- 
From: "Stephen More" <stephen.more (at) gmail.com>
To: <users (at) tomcat.apache.org>
Sent: Monday, October 16, 2006 8:22 PM
Subject: hardening and securing tomcat in a production environment


> Is there a published list of items that need to be configured in order
> to harden and secure tomcat in a production environment ? What items
> need to be configured, and what items need to be removed  ? I am
> currently interested in version 5.5.
>
>
> -Thanks
> Steve More
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users (at) tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe (at) tomcat.apache.org
> For additional commands, e-mail: users-help (at) tomcat.apache.org
>
>
> 



---------------------------------------------------------------------
To start a new topic, e-mail: users (at) tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe (at) tomcat.apache.org
For additional commands, e-mail: users-help (at) tomcat.apache.org

Prev by Date: [no subject]
Next by Date: possibility of different classpaths under the same web application
Previous by thread: [no subject]
Next by thread: possibility of different classpaths under the same web application
Index(es):
- Main
- Thread