[Windows Server 2012] Tomcat Security Hardening Method

Source: Internet
Author: User

★ Welcome to The Guardian God · V Classroom, website address: http://v.huweishen.com
★ Guardian God · V Classroom is a website dedicated to providing server instructional videos for Guardian God, with new videos added weekly.
★ In this section we will walk you through: Tomcat Security Configuration
• This section follows on from the previous section, "Tomcat installation Configuration", so Tomcat has already been installed and configured properly.
· By default Tomcat runs as a system service under the SYSTEM account, which is very dangerous. It needs to run with reduced privileges and be given only the appropriate read/write permissions.

1. Create a system account to run Tomcat
1) Add a user named Tomcat_hws;
2) Make user Tomcat_hws a member of the Guests group only;

2. Set permissions for the Tomcat directory
1) Locate the Tomcat installation directory (it can be found in the system service properties; the service name defaults to TOMCAT7 and the display name is Apache Tomcat 7.0 TOMCAT7);
On the Tomcat installation directory, give Administrators and SYSTEM "Full Control" permission, and give Tomcat_hws "Read and Execute" permission;
2) For the "logs" and "temp" directories in the Tomcat installation directory:
Give Administrators and SYSTEM "Full Control" permission, and give Tomcat_hws "read/write/delete" permission;

3) Locate the website file directory (by default webapps\root in the Tomcat installation directory);
On the website file directory, give Administrators and SYSTEM "Full Control" permission, and give Tomcat_hws "read/write/delete" permission;
(If you have more than one website file directory, you need to add the Tomcat_hws "read/write/delete" permission to each of them;)

3. Set up Tomcat service
1) Set the Tomcat service startup account to Tomcat_hws;
2) Restart the Tomcat service;

4. Test results
1) The Tomcat process now runs under the TOMCAT_HWS account, so the privilege reduction succeeded;
2) Open the test page http://localhost:8080/totcheck.jsp;
3) The JSP probe is running normally.
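
Steps 1 to 3 and the account check from step 4 can also be scripted from an elevated PowerShell prompt. The script below is an added example, not part of the original tutorial: the installation path is a placeholder, the service name is the default given in step 2, and it uses net user, icacls and sc.exe because PowerShell 3.0 on Windows Server 2012 has no local-account cmdlets.

```powershell
# Added example: steps 1-3 of this page, scripted (run elevated).
$TomcatHome = 'C:\path\to\tomcat'             # placeholder: your Tomcat installation directory
$Service    = 'Tomcat7'                       # default service name from step 2
$User       = 'Tomcat_hws'
$SiteDirs   = @("$TomcatHome\webapps\root")   # add any further website directories here

# Prompt once for the password; both the account and the service need it.
$cred = Get-Credential -UserName $User -Message "Choose a password for $User"
$pw   = $cred.GetNetworkCredential().Password

# 1. Create the account and leave it in the Guests group only
#    (net user /add places new accounts in Users by default).
net user $User $pw /add
net localgroup Users $User /delete
net localgroup Guests $User /add

# 2. Permissions. (OI)(CI) applies each entry to subfolders and files.
#    /grant:r replaces earlier explicit entries for the same principal only;
#    inherited entries are left as they are.
icacls $TomcatHome /grant:r 'Administrators:(OI)(CI)F' 'SYSTEM:(OI)(CI)F' "${User}:(OI)(CI)RX"
foreach ($dir in @("$TomcatHome\logs", "$TomcatHome\temp") + $SiteDirs) {
    # M (Modify) covers read, write and delete.
    icacls $dir /grant:r 'Administrators:(OI)(CI)F' 'SYSTEM:(OI)(CI)F' "${User}:(OI)(CI)M"
}

# 3. Run the service as the new account and restart it.
#    Call sc.exe explicitly (in PowerShell, sc is an alias for Set-Content) and
#    keep the space after "obj=" and "password=".
#    Unlike the Services console, sc.exe does not grant the "Log on as a service"
#    right; if the restart fails with a logon error, assign that right to the
#    account under Local Security Policy > User Rights Assignment.
sc.exe config $Service obj= ".\$User" password= $pw
Restart-Service -Name $Service

# 4. Check: the service should now report .\Tomcat_hws as its logon account.
(Get-WmiObject Win32_Service -Filter "Name='$Service'").StartName
```

The last line prints the logon account configured for the service; the JSP probe in step 4 remains the check that the site itself still works under the reduced permissions.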

5. Other protective measures
If you have not run Tomcat with reduced privileges but still need to address the security issues, you can use the Guardian God Tamper-proof System (Pro Edition).
Through the "Process throttling" module of the Guardian God Tamper-proof System (Pro Edition), set Tomcat to have permissions only on the Tomcat home directory and the site directory.
This way hackers will not be able to invade the server through Tomcat.

Now that this section is over, please visit the Guardian God website (www.huweishen.com) for more instructional videos.

When reprinting, please indicate the source (http://v.huweishen.com/video/49.html). Thank you!
