> Hi All, > > > > Quick question on what people's views are with regard to using Tomcat to > host external/internet facing sites. A quick Google search recommends > that these should be 'fronted' by Apache running reverse proxy. Is > Tomcat classed as insecure and as such requires this proxy in front or > is this due to the fact that Tomcat cannot reverse proxy on its own. >
Certainly tomcat is up to the task of running external sites without a reverse proxy. Some reasons you may choose to put a httpd reverse proxy in front of tomcat: - Allows displaying a "this site is down for maintenance" message when you have taken your tomcat down for maintenance. - Many third party security products supply agents as an apache httpd plugin. - httpd can be used as a load balancer to a farm of tomcat processes. - you may prefer to have the web access logging granularity that httpd provides. It really depends on your situation. Cheers, Ben --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
