|
|
|
1000 Java Tips ebook
|
|
 
Free "1000 Java Tips" eBook is here! It is huge collection of big and small Java
programming articles and tips. Please take your copy here.
Take your copy of free "Java Technology Screensaver"!. |
|
Make your Tomcat More secure - limit network address for certain IP addresses
|
JavaFAQ Home » Networking
How to run Tomcat only on one IP address?
Question: We run Tomcat on a powerful server with multiple ethernet cards and even more numerous IP addresses. We noticed that our web application on Tomcat server answers on the all network interfaces. It poses some security threat to our product. We would like to limit access to our Tomcat by just one network interface, let say eth2 (we have eth0, eth1, eth2, eth3) . Or by certain IP addresses. How we could accomplish this? Answer: You could specify IP address on which your web application will be accessible. Look for the settings for particular connector, which this application uses. By connector I mean Tomcat connector -one of many that could be defined in server.xml file. This file is Tomcat server wide configuration file, contains main server settings and is placed under conf directory in Tomcat home directory. Typical example for a connector is HTTPS or HTTP connectors. Default server.xml file does contain only port number and no IP addresses. Add this parameter - ipaddress at any place within <Connector .... /> section of the server.xml file. For example like this:
<Connector port="8443" maxHttpHeaderSize="8192" maxThreads="150" minSpareThreads="5" maxSpareThreads="25" enableLookups="false" disableUploadTimeout="true" acceptCount="100" scheme="https" secure="true"clientAuth="false" sslProtocol="TLS" address="192.168.3.24"/>
 Printer Friendly Page
 Send to a Friend
..
Search here again if you need more info!
|
|
|
RSS feed Java Forums
