Best way to secure CentOS when running Apache Tomcat

Support for security such as Firewalls and securing linux
Post Reply
Mr Davo
Posts: 2
Joined: 2014/06/13 01:21:14

Best way to secure CentOS when running Apache Tomcat

Post by Mr Davo » 2014/06/13 01:26:27

Hi Everyone,

I want to run Apache Tomcat on my CentOS (6.5) installation, however I am concerned about security. What is the best way to secure CentOS whilst allowing Tomcat to Service http requests?

Kind Regards,

Davo

unspawn
Posts: 172
Joined: 2006/12/11 12:28:52

Re: Best way to secure CentOS when running Apache Tomcat

Post by unspawn » 2014/06/15 10:30:26

Mr Davo wrote:What is the best way to secure CentOS whilst allowing Tomcat to Service http requests?
See the CentOS documentation (security, hardening, auditing), use a benchmark (CISecurity, OWASP) and test your setup (OpenVAS?). Wrt Tomcat see its own security documentation and ponder if running it behind a reverse proxy with mod_security gives you the level of security you require.

Mr Davo
Posts: 2
Joined: 2014/06/13 01:21:14

Re: Best way to secure CentOS when running Apache Tomcat

Post by Mr Davo » 2014/06/17 00:45:51

Hi unspawn,

Thank you for your helpful response.

Kind Regards,

Davo

narayanab16
Posts: 80
Joined: 2012/03/13 10:56:21

Re: Best way to secure CentOS when running Apache Tomcat

Post by narayanab16 » 2014/07/27 06:55:31

hi,

1) Enable firewalls on apache and tomcat service machines
2) Turn Off the apache serversignature
3) Enable mod_proxy, reverse_proxy and mod_security will help you
Regards,
Narayana

Post Reply

Return to “CentOS 6 - Security Support”