Hi Everyone,
I want to run Apache Tomcat on my CentOS (6.5) installation, however I am concerned about security. What is the best way to secure CentOS whilst allowing Tomcat to Service http requests?
Kind Regards,
Davo
Best way to secure CentOS when running Apache Tomcat
Re: Best way to secure CentOS when running Apache Tomcat
See the CentOS documentation (security, hardening, auditing), use a benchmark (CISecurity, OWASP) and test your setup (OpenVAS?). Wrt Tomcat see its own security documentation and ponder if running it behind a reverse proxy with mod_security gives you the level of security you require.Mr Davo wrote:What is the best way to secure CentOS whilst allowing Tomcat to Service http requests?
Re: Best way to secure CentOS when running Apache Tomcat
Hi unspawn,
Thank you for your helpful response.
Kind Regards,
Davo
Thank you for your helpful response.
Kind Regards,
Davo
-
- Posts: 80
- Joined: 2012/03/13 10:56:21
Re: Best way to secure CentOS when running Apache Tomcat
hi,
1) Enable firewalls on apache and tomcat service machines
2) Turn Off the apache serversignature
3) Enable mod_proxy, reverse_proxy and mod_security will help you
1) Enable firewalls on apache and tomcat service machines
2) Turn Off the apache serversignature
3) Enable mod_proxy, reverse_proxy and mod_security will help you
Regards,
Narayana
Narayana