...

# You should still be in the webapps directory
rm -rf host-manager manager
Per p. 9 of the Center for Internet Security's Security Configuration Benchmark for Apache Tomcat 5.5/6.0, Version 1.0.0.

Remove Unnecessary Ports

By default, Tomcat listens on the following ports:

...

<!--
<Connector port="8080" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8643" />
-->
Per p. 11 of the Center for Internet Security's Security Configuration Benchmark for Apache Tomcat 5.5/6.0, Version 1.0.0.

Clear Text Passwords

When configuring resources such as JDBC, Tomcat only supports a clear-text username and password in server.xml. By default, if untarred per the BonsaiFramework instructions, server.xml will be readable only by serveradmin.
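
Added example (not part of the original page or the BonsaiFramework instructions): a shell audit for the three items above. It checks that the manager and host-manager webapps are gone, that no uncommented Connector listens on port 8080, and that conf/server.xml carries no group or other permission bits. The function names and the conf/ and webapps/ layout under the directory you pass in are assumptions.

```shell
#!/bin/sh
# Added example: audit a Tomcat directory for the hardening items above.
# Assumes the layout <base>/conf/server.xml and <base>/webapps/.

# Octal mode of a file: GNU stat first, BSD stat as fallback.
file_mode() { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }

# Succeeds if file $1 has a <Connector> on port $2 outside any XML comment.
active_connector() {
    awk -v port="$2" '
        { doc = doc $0 "\n" }
        END {
            # Drop every <!-- ... --> span, including multi-line ones.
            while ((s = index(doc, "<!--")) > 0) {
                rest = substr(doc, s + 4); e = index(rest, "-->")
                if (e == 0) { doc = substr(doc, 1, s - 1); break }
                doc = substr(doc, 1, s - 1) substr(rest, e + 3)
            }
            # Leading whitespace keeps redirectPort="..." from matching.
            re = "<Connector[^>]*[ \t\n]port=\"" port "\""
            exit !(doc ~ re)
        }' "$1"
}

# Print one FINDING line per problem; return 1 if any were found, else 0.
audit_tomcat() {
    base=$1; xml=$base/conf/server.xml; rc=0
    if [ ! -f "$xml" ]; then echo "FINDING: $xml not found"; return 1; fi
    for app in manager host-manager; do
        if [ -e "$base/webapps/$app" ]; then
            echo "FINDING: webapps/$app is still deployed"; rc=1
        fi
    done
    if active_connector "$xml" 8080; then
        echo "FINDING: HTTP connector on port 8080 is active"; rc=1
    fi
    case "$(file_mode "$xml")" in
        *00|0) ;;   # no group/other bits: only the owner can read the passwords
        *) echo "FINDING: conf/server.xml is accessible beyond its owner"; rc=1 ;;
    esac
    return $rc
}

# Run against a directory given on the command line, if any.
if [ $# -gt 0 ]; then audit_tomcat "$1"; fi
```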

...