Hi,
I have following tomcat server.xml configuration:
<Service name="Public">
<Connector port="80" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443" />
<Engine name="Public" defaultHost="mydomain.com">
<Host name="mydomain.com" appBase="httpapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
<!-- Prevent accessing by IP -->
<Host name="123.123.123.123" appBase="notexist"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
</Engine>
</Service>
<Service name="Secure">
<Connector
port="443" minSpareThreads="5" maxSpareThreads="75"
enableLookups="true" disableUploadTimeout="true"
acceptCount="100" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
keystoreFile="/path/somekeystore" keystorePass="*********"
clientAuth="false" sslProtocol="TLS"/>
<Engine name="Secure" defaultHost="mydomain.com">
<Host name="mydomain.com" appBase="httpsapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
<!-- Prevent accessing by IP -->
<Host name="123.123.123.123" appBase="notexist"
xmlValidation="false" xmlNamespaceAware="false">
</Host>
</Engine>
</Service>
There is two services other for http and other for https connections. Is
this right way to do this and does it have some performance issues? Also I
point users accessing by ip to directory that doesn't exist because I want
that robots that are scanning ip addresses doesn't get anything as response,
is there better way to do this (I have tried something with valve but don't
know how to do this with that)?
--
Jaakko
