On 03/09/2010 16:01, Caldarale, Charles R wrote:
>> From: Pid [mailto:p...@pidster.com] 
>> Subject: Re: Unexpected errors after opening port 80
> 
>> How does this have any bearing on a firewall port being 
>> opened and some database errors?
> 
> It's possible that opening port 80 has enabled a much larger set of attacks 
> to get through the firewall now, and make it to the back end.  If the webapps 
> under Tomcat should be accessible only via HTTPS, they should have a 
> <transport-guarantee> setting of CONFIDENTIAL in their WEB-INF/web.xml files; 
> this will stop all regular HTTP requests dead in their tracks.  (Or you could 
> just remove the port 80 <Connector>.)  If you want to keep port 80 open for 
> in-house use, you can add a valve to ensure that only known IP addresses come 
> through that door.

Fair point.


p

>  - Chuck

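One way to check the first suggestion in the quoted advice, as an added example that is not part of the original thread: a script that parses a WEB-INF/web.xml and reports whether a `<transport-guarantee>` of CONFIDENTIAL covers the whole webapp (`/*`) rather than only part of it. The sample descriptors and the names `https_only`, `WEAK` and `HARDENED` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample descriptor (not from the thread); only two fields vary.
TEMPLATE = """<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>app</web-resource-name>
      <url-pattern>{pattern}</url-pattern>
    </web-resource-collection>
    <user-data-constraint>
      <transport-guarantee>{guarantee}</transport-guarantee>
    </user-data-constraint>
  </security-constraint>
</web-app>"""
WEAK = TEMPLATE.format(pattern="/admin/*", guarantee="CONFIDENTIAL")  # partial cover
HARDENED = TEMPLATE.format(pattern="/*", guarantee="CONFIDENTIAL")    # whole webapp


def local(tag):
    """Strip the XML namespace so descriptors of any schema version match."""
    return tag.rsplit("}", 1)[-1]


def https_only(web_xml_text):
    """True if one constraint covers /* for every method with CONFIDENTIAL."""
    for constraint in ET.fromstring(web_xml_text).iter():
        if local(constraint.tag) != "security-constraint":
            continue
        patterns = [e.text.strip() for e in constraint.iter()
                    if local(e.tag) == "url-pattern" and e.text]
        guarantees = [e.text.strip().upper() for e in constraint.iter()
                      if local(e.tag) == "transport-guarantee" and e.text]
        # http-method elements narrow a constraint, leaving other verbs uncovered
        narrowed = any(local(e.tag) in ("http-method", "http-method-omission")
                       for e in constraint.iter())
        if "/*" in patterns and "CONFIDENTIAL" in guarantees and not narrowed:
            return True
    return False


if __name__ == "__main__":
    for name, doc in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, "HTTPS required" if https_only(doc) else "plain HTTP still reachable")
```
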