You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Hassan Khan <ha...@gmail.com> on 2017/07/24 14:32:01 UTC
Documentation for production version of tomcat 8.5
Hi,
There are lot of setting that can be tweaked to make Tomcat 8.5 fast and
secure for production use. Have been visiting lot of links on the web.
Is there any resource that apache host regarding the setting to change to
make tomcat 8.5 ready for production ?
Thanks
--
Hassan Khan
Re: Documentation for production version of tomcat 8.5
Posted by Hassan Khan <ha...@gmail.com>.
Hi,
Any body has any inputs, they are appreciated.
Want to be sure these changes are safe for a production system.
Thanks
Hassan
On Wed, Jul 26, 2017 at 5:30 PM, Hassan Khan <ha...@gmail.com>
wrote:
> hi Chris,
>
> after searching the web, below are the changes we did and saw actual
> improvement in performance...
> Our app used jsp that have lot of java code inside it..
>
> 1. In web.xml added the highlighted section.
> <servlet>
> <servlet-name>jsp</servlet-name>
> <servlet-class>org.apache.jasper.servlet.JspServlet</
> servlet-class>
> <init-param>
> <param-name>fork</param-name>
> <param-value>false</param-value>
> </init-param>
> <init-param>
> <param-name>xpoweredBy</param-name>
> <param-value>false</param-value>
> </init-param>
> <init-param>
> <param-name>mappedfile</param-name>
> <param-value>false</param-value>
> </init-param>
>
> <init-param>
> <param-name>trimSpaces</param-name>
> <param-value>true</param-value>
> </init-param>
> <init-param>
> <param-name>suppressSmap</param-name>
> <param-value>true</param-value>
> </init-param>
> <init-param>
> <param-name>fork</param-name>
> <param-value>false</param-value>
> </init-param>
> <init-param>
> <param-name>classdebuginfo</param-name>
> <param-value>false</param-value>
> </init-param>
> <init-param>
> <param-name>development</param-name>
> <param-value>false</param-value>
> </init-param>
>
> <init-param>
> <param-name>keepgenerated</param-name>
> <param-value>false</param-value>
> </init-param>
>
> <load-on-startup>3</load-on-startup>
> </servlet>
>
> 2. In server.xml (turn on compression) changed the connector to:
> <Connector port="8181" protocol="HTTP/1.1"
> connectionTimeout="60000"
> redirectPort="8443"
> disableUploadTimeout="false"
> useBodyEncodingForURI="true"
> server="Application Server"
> compression="on"
> compressionMinSize="1024"
> noCompressionUserAgents="gozilla, traviata"
> />
> 3. in catalina.properties added more jar to skip the scan at :
> tomcat.util.scan.StandardJarScanFilter.jarsToSkip=\
>
> Not a power user of tomcat, please advise..
>
> Thanks
> Hassan
>
> On Mon, Jul 24, 2017 at 3:44 PM, Christopher Schultz <
> chris@christopherschultz.net> wrote:
>
>> -----BEGIN PGP SIGNED MESSAGE-----
>> Hash: SHA256
>>
>> Hassan,
>>
>> On 7/24/17 10:32 AM, Hassan Khan wrote:
>> > Hi,
>> >
>> > There are lot of setting that can be tweaked to make Tomcat 8.5
>> > fast and secure for production use. Have been visiting lot of links
>> > on the web.
>> >
>> > Is there any resource that apache host regarding the setting to
>> > change to make tomcat 8.5 ready for production ?
>>
>> Tomcat 8.5 should be production-ready pretty much out of the box. Do
>> you have any particular concerns?
>>
>> - -chris
>> -----BEGIN PGP SIGNATURE-----
>> Comment: GPGTools - http://gpgtools.org
>> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>>
>> iQIcBAEBCAAGBQJZdk44AAoJEBzwKT+lPKRYVlYP/2QAh28na/i8j0nXqIQLu7UU
>> s7AxdutC6NSBfgXkb73DIhCkgAHgYqloxG3p4jmR8ElEz5JT3CORxmPoVYUOdH2w
>> y/4ctvPEUY1qcMzgbejI1TNf8dyq6lyxbqrh1QUKI0Imzd/f3PNGPl5aqLo6dDQN
>> L5w4TlrTqP80T3npV2Mj2Opk0g+i3bRzyxPnS6P0nJj8lk1qc0XTQ1DK7epUzJYV
>> hROqhBEktXsucHmNuqOjiu2AEXJNj4tveDx+fN09ruPeJxNRZBn5FgEoQYioT3Qd
>> Qp9Nf3axjQUH6U/6saPp8uAjq0AejwcR8Qduwa/Hish9YuOJa+Gw8MDrToazpF/d
>> COkzyBC96YQkAsVljiGSK8cBTXHGFLb7MaOm40XVEFl8RP5fOkDpXCBYoRv8DRLU
>> SH4AmUHDTOquNahX3JOcZ2j33L8gYPfwmF5z5Edqm2BA84cm6eiZpDzDla5F/vG6
>> z4eOlxEGZF6TQpexE8moQHXZPTPrDEMfxRwbwTCVeMuqtEjKLj6yFy82zpLuoMER
>> E6DI1gQGfodR3nCiZh7o/Yafj45OCBPEruF9rLadyRhcj4Ww15w9qGvfzjWaiT1z
>> yfXNx85mEDBUGLa3cOB/3w+Vg547UTQYRvLRp7EXnvAaxNuFg6jn8zQfOwvLX2IP
>> +VRmDbPac/JTDAJghtQy
>> =eD/Y
>> -----END PGP SIGNATURE-----
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
>
> --
> Hassan Khan
>
--
Hassan Khan
Re: Documentation for production version of tomcat 8.5
Posted by Hassan Khan <ha...@gmail.com>.
hi Chris,
after searching the web, below are the changes we did and saw actual
improvement in performance...
Our app used jsp that have lot of java code inside it..
1. In web.xml added the highlighted section.
<servlet>
<servlet-name>jsp</servlet-name>
<servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
<init-param>
<param-name>fork</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>xpoweredBy</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>mappedfile</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>trimSpaces</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>suppressSmap</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>fork</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>classdebuginfo</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>development</param-name>
<param-value>false</param-value>
</init-param>
<init-param>
<param-name>keepgenerated</param-name>
<param-value>false</param-value>
</init-param>
<load-on-startup>3</load-on-startup>
</servlet>
2. In server.xml (turn on compression) changed the connector to:
<Connector port="8181" protocol="HTTP/1.1"
connectionTimeout="60000"
redirectPort="8443"
disableUploadTimeout="false"
useBodyEncodingForURI="true"
server="Application Server"
compression="on"
compressionMinSize="1024"
noCompressionUserAgents="gozilla, traviata"
/>
3. in catalina.properties added more jar to skip the scan at :
tomcat.util.scan.StandardJarScanFilter.jarsToSkip=\
Not a power user of tomcat, please advise..
Thanks
Hassan
On Mon, Jul 24, 2017 at 3:44 PM, Christopher Schultz <
chris@christopherschultz.net> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> Hassan,
>
> On 7/24/17 10:32 AM, Hassan Khan wrote:
> > Hi,
> >
> > There are lot of setting that can be tweaked to make Tomcat 8.5
> > fast and secure for production use. Have been visiting lot of links
> > on the web.
> >
> > Is there any resource that apache host regarding the setting to
> > change to make tomcat 8.5 ready for production ?
>
> Tomcat 8.5 should be production-ready pretty much out of the box. Do
> you have any particular concerns?
>
> - -chris
> -----BEGIN PGP SIGNATURE-----
> Comment: GPGTools - http://gpgtools.org
> Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
>
> iQIcBAEBCAAGBQJZdk44AAoJEBzwKT+lPKRYVlYP/2QAh28na/i8j0nXqIQLu7UU
> s7AxdutC6NSBfgXkb73DIhCkgAHgYqloxG3p4jmR8ElEz5JT3CORxmPoVYUOdH2w
> y/4ctvPEUY1qcMzgbejI1TNf8dyq6lyxbqrh1QUKI0Imzd/f3PNGPl5aqLo6dDQN
> L5w4TlrTqP80T3npV2Mj2Opk0g+i3bRzyxPnS6P0nJj8lk1qc0XTQ1DK7epUzJYV
> hROqhBEktXsucHmNuqOjiu2AEXJNj4tveDx+fN09ruPeJxNRZBn5FgEoQYioT3Qd
> Qp9Nf3axjQUH6U/6saPp8uAjq0AejwcR8Qduwa/Hish9YuOJa+Gw8MDrToazpF/d
> COkzyBC96YQkAsVljiGSK8cBTXHGFLb7MaOm40XVEFl8RP5fOkDpXCBYoRv8DRLU
> SH4AmUHDTOquNahX3JOcZ2j33L8gYPfwmF5z5Edqm2BA84cm6eiZpDzDla5F/vG6
> z4eOlxEGZF6TQpexE8moQHXZPTPrDEMfxRwbwTCVeMuqtEjKLj6yFy82zpLuoMER
> E6DI1gQGfodR3nCiZh7o/Yafj45OCBPEruF9rLadyRhcj4Ww15w9qGvfzjWaiT1z
> yfXNx85mEDBUGLa3cOB/3w+Vg547UTQYRvLRp7EXnvAaxNuFg6jn8zQfOwvLX2IP
> +VRmDbPac/JTDAJghtQy
> =eD/Y
> -----END PGP SIGNATURE-----
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
Hassan Khan
Re: Documentation for production version of tomcat 8.5
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hassan,
On 7/24/17 10:32 AM, Hassan Khan wrote:
> Hi,
>
> There are lot of setting that can be tweaked to make Tomcat 8.5
> fast and secure for production use. Have been visiting lot of links
> on the web.
>
> Is there any resource that apache host regarding the setting to
> change to make tomcat 8.5 ready for production ?
Tomcat 8.5 should be production-ready pretty much out of the box. Do
you have any particular concerns?
- -chris
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCAAGBQJZdk44AAoJEBzwKT+lPKRYVlYP/2QAh28na/i8j0nXqIQLu7UU
s7AxdutC6NSBfgXkb73DIhCkgAHgYqloxG3p4jmR8ElEz5JT3CORxmPoVYUOdH2w
y/4ctvPEUY1qcMzgbejI1TNf8dyq6lyxbqrh1QUKI0Imzd/f3PNGPl5aqLo6dDQN
L5w4TlrTqP80T3npV2Mj2Opk0g+i3bRzyxPnS6P0nJj8lk1qc0XTQ1DK7epUzJYV
hROqhBEktXsucHmNuqOjiu2AEXJNj4tveDx+fN09ruPeJxNRZBn5FgEoQYioT3Qd
Qp9Nf3axjQUH6U/6saPp8uAjq0AejwcR8Qduwa/Hish9YuOJa+Gw8MDrToazpF/d
COkzyBC96YQkAsVljiGSK8cBTXHGFLb7MaOm40XVEFl8RP5fOkDpXCBYoRv8DRLU
SH4AmUHDTOquNahX3JOcZ2j33L8gYPfwmF5z5Edqm2BA84cm6eiZpDzDla5F/vG6
z4eOlxEGZF6TQpexE8moQHXZPTPrDEMfxRwbwTCVeMuqtEjKLj6yFy82zpLuoMER
E6DI1gQGfodR3nCiZh7o/Yafj45OCBPEruF9rLadyRhcj4Ww15w9qGvfzjWaiT1z
yfXNx85mEDBUGLa3cOB/3w+Vg547UTQYRvLRp7EXnvAaxNuFg6jn8zQfOwvLX2IP
+VRmDbPac/JTDAJghtQy
=eD/Y
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org