Remove extraneous files and directories – @CATALINA_HOME@/webapps/host-manager Details: The installation may provide example applications, documentation, and other directories which may not serve a production use. Rationale: Removing...
Remove extraneous files and directories – @CATALINA_HOME@/webapps/manager Details: The installation may provide example applications, documentation, and other directories which may not serve a production use. Rationale: Removing...
Remove extraneous files and directories – @CATALINA_HOME@/webapps/ROOT Details: The installation may provide example applications, documentation, and other directories which may not serve a production use. Rationale: Removing...
Rename the manager application – host-manager/manager.xml Details: The manager application allows administrators to manage Tomcat remotely via a web interface. The manager application should be renamed...
Rename the manager application – webapps/manager Details: The manager application allows administrators to manage Tomcat remotely via a web interface. The manager application should be renamed...
Restrict manager application Details: Limit access to the manager application to only those with a justified need. Rationale: Limiting access to the least...
Setup Client-cert Authentication Details: Client-cert authentication requires that each client connecting to the server have a certificate to authenticate. This is generally regarded...
Use LockOut Realms Details: A LockOut realm wraps around standard realms adding the ability to lock a user out after multiple failed logins....
Use secure Realms Details: A realm is a database of usernames and passwords used to identify valid users of web applications. Review the...