Control the maximum size of a POST request that will be parsed for parameters. Details: The maxPostSize attribute controls the maximum size of a POST request which will be parsed for parameters. Setting a...
Disable client-facing stack traces – check for defined exception type. Details: When a runtime error occurs during request processing, Apache Tomcat will display debugging information to the requestor. It is...
Do not allow cross-context requests. Details: Setting crossContext to false prevents an application from calling ServletContext.getContext to return a dispatcher for another application. Rationale: Allowing...
Do not allow symbolic linking. Details: Symbolic links permit one application to include the libraries from another. This allows for re-use of code but also...
Do not run applications as privileged. Details: Setting the privileged attribute for an application changes the class loader to the Server class loader instead of the...
Enable memory leak listener – verify present. Details: The JRE Memory Leak Prevention Listener provides work-arounds for known places where the Java Runtime Environment uses the context...
Enable strict servlet compliance. Details: The STRICT_SERVLET_COMPLIANCE setting influences Tomcat's behavior in several subtle ways. See the References below for the complete list. It is...
Ensure directory in context.xml is a secure location – configuration. Details: The directory attribute tells Tomcat where to store logs. It is recommended that the location referenced by the directory...
Ensure directory in context.xml is a secure location – permissions. Details: The directory attribute tells Tomcat where to store logs. It is recommended that the location referenced by the directory...
Ensure directory in logging.properties is a secure location – check application log directory is secure. Details: The directory attribute tells Tomcat where to store logs. The directory value should be a secure location with restricted...