Tomcat security protection for normal users

Source: Internet
Author: User

Tomcat security protection for normal users
Threat: Generally, When configuring the Tomcat production environment, Tomcat is usually configured to run as a specific identity (non-root), which is conducive to improving security, this prevents further elevation of permissions after the website is hacked. For more information about the environment, see: http://53cto.blog.51cto.com/9899631/1697368 To install tomcat, see: http://53cto.blog.51cto.com/9899631/1697386 1. Go to the bin directory cd/usr/local/apache-Tomcat-8.0.30/bin 2 under the tomcat installation directory to decompress commons-daemon-native.tar.gz tar zxvf commons-daemon-native.tar.gz cd commons-daemon-native/unix 3, gcc, make, and other compilation tools are required. If the JAVA_HOME environment variable is not specified, the -- with-java = parameter is required to specify the jdk directory. /configure make 4. After make, a file named jsvc is generated in the current folder, copy it to the $ CATALINA_HOME/bin directory cp jsvc/usr/local/apache-tomcat-8.0.30/bin 5, add a program user to run Tomcat useradd-M-d/-s/usr/sbin /Nologin tomcat 6, modify daemon in the $ CATALINA_HOME/bin directory. sh file (skip this step if jdk environment variables are configured) set TOMCAT_USER = tomcatJAVA_HOME =/usr/java/jdk1.8.0 _ 65 7, if *. if the sh file does not have the running permission, add the running permission chmod + x * to it *. sh 8, set the $ CATALINE_HOME folder and all its sub-files Owner to tomcat chown-R tomcat: tomcat/usr/local/apache-tomcat-8.0.30 9, and start Tomcat daemon. sh start [root @ bogon bin] #. /daemon. sh-helpUnknown command: '-help' Usage: daemon. sh (Commands...) commands: run Start Tomcat without detaching from console start Start Tomcat stop Stop Tomcat version What version of commons daemon and Tomcat are you running? 10. Check whether the ps aux | grep tomcat is started as a tomcat user.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.