You need a firewall. Can be a router or a software firewall with your PC. You tell your firewall to allow access to the port that Tomcat is open on, e.g 8080 and lock down ports you don't want open such as your database port. Tomcat connects to the database locally on your machine, so the outside world don't need access to that port. Your DB files can be wherever you want them to be, Tomcat/JDBC connects to a DB on port, not file location.
-----Original Message----- From: Michael McQuade [mailto:[EMAIL PROTECTED] Sent: 02 May 2004 14:55 To: Tomcat Users List Subject: Tomcat Security.... Dumb question number 2 of the Day folks.... I'm a programmer, not real swift on the security side of life.... I have Tomcat (5.0.28)running on my server at home, to develop an application..... I now want to open up my Server to the Internet, so potential clients can demo my product from their office..... Now I'm not rich, so I can't afford a separate Web Server.... Can anyone tell me, do I need to use separate products to secure my server from hackers, obviously I just want access to the App programs and the database they are using.... I really have no clue about this area of expertise.... Also, does my Database need to reside within the Tomcat heirarchy on my Hard drive, or can it simply be in C:\mysql\database........ Thank You for any help you can provide me.... Mike --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] <FONT SIZE=1 FACE="VERDANA,ARIAL" COLOR=BLUE> ------------------------------------------------------- QAS Ltd. Registered in England: No 2582055 Registered in Australia: No 082 851 474 ------------------------------------------------------- </FONT> <FONT SIZE=1 FACE="VERDANA,ARIAL" COLOR=BLACK> Disclaimer: The information contained within this e-mail is confidential and may be privileged. This email is intended solely for the named recipient only; if you are not authorised you must not disclose, copy, distribute, or retain this message or any part of it. If you have received this message in error please contact the sender at once so that we may take the appropriate action and avoid troubling you further. Any views expressed in this message are those of the individual sender. QAS Limited has the right lawfully to record, monitor and inspect messages between its employees and any third party. Your messages shall be subject to such lawful supervision as QAS Limited deems to be necessary in order to protect its information, its interests and its reputation. Whilst all efforts are made to safeguard Inbound and Outbound emails, QAS Limited cannot guarantee that attachments are virus free or compatible with your systems and does not accept any liability in respect of viruses or computer problems experienced. </FONT> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
