Rename the manager application (host-manager/manager.xml) Details The manager application allows administrators to manage Tomcat remotely via a web interface. The manager application should be renamed...
Rename the manager application (localhost/manager.xml) Details The manager application allows administrators to manage Tomcat remotely via a web interface. The manager application should be renamed...
Rename the manager application (webapps/manager) Details The manager application allows administrators to manage Tomcat remotely via a web interface. The manager application should be renamed...
Restrict access to the web administration Details Limit access to the web administration application to only those with a required need. Solution For the administration application,...
Restrict manager application Details Limit access to the manager application to only those with a required need. Review $CATALINA_BASE/conf/[enginename]/[hostname]/manager.xml to ascertain that the...
Setup Client-cert Authentication Details Client-cert authentication requires that each client connecting to the server has a certificate used to authenticate. This is generally...
Use LockOut Realms Details A LockOut realm wraps around standard realms adding the ability to lock a user out after multiple failed logins....
Use secure Realms Details A realm is a database of usernames and passwords used to identify valid users of web applications. Review the...