www.bonsaiframework.com
Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

The Bonsai Framework also provides a pre-packaged portable and secured version of Tomcat. This document outlines the hardening steps taken.

The steps begin with a tar.gz version of Tomcat from the Apache website and start int the root directory of Tomcat. For example,

tar -xvpf apache-tomcat-6.0.32
cd apache-tomcat-6.0.32

This document is for reference. To get up and started, go ahead and download Bonsai Framework Tomcat 6.0.32.

Remove Unnecessary Files

Delete sample applications,

cd webapps
rm -rf docs examples

We recommend against using the Manager application,

# You should still be in the webapps directory
rm -rf host-manager manager
cd ..

http://www.cisecurity.org/resources-publications/

https://www.owasp.org/index.php/Securing_tomcat

...

References

http://blogs.mulesoft.org/is-your-tomcat-secure/ - looks like a good lead.

  • No labels