Talk:Securing tomcat

Installation

 * Choose an installation directory (referenced as TOMCAT_DIR from now on), preferably on a different drive to the OS.
 * do we get many advantages separating application and webapps? - Darren Edmonds
 * it could prevent path traversal under windows, but not unix. Separating apps from OS is common good practice anyway.  Stephendv 02:32, 9 October 2006 (EDT)

Network Security
Generic advice common to all server security (link).


 * Not sure what information should go here? Stephendv 04:21, 16 October 2006 (EDT)
 * I was thinking of a firewall discussion in relation to protecting the server. Perhaps this should be changed to only mention the shutdown port needs protecting in tomcat dledmonds

User Input
User data, whether it be HTTP headers or parameters, should '"never"' be trusted. It is usually the responsibility of the application to validate data, but it is important that one poorly written application doesn't compromise Tomcat as a whole.


 * global filters
 * global error pages (see above)
 * permission lockdown (see below)


 * I think this section would be more appropriate for apps themselves, rather than applying to the server as a whole. Stephendv 04:24, 16 October 2006 (EDT)
 * Agree the section doesn't seem relevant to Tomcat as it is, but I wanted to focus on preventing one webapp ruining it for everyone.  Perhaps a full rundown on java security is out of scope, but how could we prevent a poorly written download webapp from using path traversal exploits to download files of other webapps? dledmonds

Securing Manager WebApp

 * Brief description of how to create a valid manager capable user
 * IP filtering
 * Renaming the manager webapp