You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Lapo TIN <la...@tin.it> on 2005/05/12 17:10:14 UTC
tomcat and security
I would like to "limit" tomcat features as much as possible for avoiding undesiderables external accesses to the web server.
I want that only 2 servlets have to run on HTTPS, port 8443.
And these two servlets are simply replying to a GET with a static XML. Nothing more.
I define the ssl connector listening on port 8443, and create the 2 servlets.
Everything is running well,
soo my intent is to close every other possibility of access (such as HTTP on 8080, manager and admin from outside, etc...)
Is there a "list" somewhere of "tips of security" of tomcat ?
Or do you have any suggestion ?
thanks in advance.
Lapo
Re: tomcat and security
Posted by Lutz Zetzsche <Lu...@sea-rescue.de>.
Hi Lapo,
Am Donnerstag, 12. Mai 2005 17:10 schrieb Lapo TIN:
> I would like to "limit" tomcat features as much as possible for
> avoiding undesiderables external accesses to the web server. I want
> that only 2 servlets have to run on HTTPS, port 8443. And these two
> servlets are simply replying to a GET with a static XML. Nothing
> more. I define the ssl connector listening on port 8443, and create
> the 2 servlets. Everything is running well,
> soo my intent is to close every other possibility of access (such as
> HTTP on 8080, manager and admin from outside, etc...)
>
> Is there a "list" somewhere of "tips of security" of tomcat ?
> Or do you have any suggestion ?
> thanks in advance.
There are several things you can do to enforce security on your server:
1. Close all ports in your firewall which you don't need. Normally, the
HTTP (80 or 8080), HTTPS (443 or 8443) and SSH (22) port are needed and
nothing more.
2. You can configure SSH in a way, that a root login is not possible. So
everyone has to login with normal user rights and can then get root
privileges changing with "su".
3. Don't run the tomcat process with root rights. Create a group
"tomcat" with a user "tomcat" and don't give this user shell rights
(-> /bin/false) as shell access poses an additional security risk. All
files in $CATALINA_HOME should be owned by this user. Most importantly,
start the Tomcat server as user "tomcat", like:
sudo -u tomcat $CATALINA_HOME/bin/startup.sh
Be aware, that if you should accidentally start the server as root and
files to the work directory etc. should be written by the user "root",
you will get file permission problems when starting the server as user
"tomcat" next time.
Be also aware, that you cannot use ports below port 1024 without root
rights. So, if you should want to run Tomcat on port 80, then you have
to run it i.e. on port 8080 locally and have to add a iptables
redirection rule in your firewall forwarding requests for port 80 to
port 8080. Of course, this is only possible if no other server is
already running on port 80.
4. Additionally to 3., you can try to run Tomcat within a ChRoot
environment. However, I didn't get this work which seemed to be due to
a bug in the JDK, I was using, as far as I could find out.
5. Start Tomcat using the Security Manager:
sudo -u tomcat $CATALINA_HOME/bin/startup.sh -security
The default settings in $CATALINA_HOME/conf/catalina.policy are already
ok for normal use but you can much more tighten security by
implementing your own settings.
6. For web applications like the Tomcat Manager and the Administration
Tool which should not be accessible from outside, you can use
RemoteAddrValve or/and the RemoteHostValve with which you can exactly
define from which Host or IP it is allowed to access an application.
Best wishes
Lutz
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org