Hi, Im running Tomcat(v3.1) and Apache(v1.3) - im having some weird config things happening. In the Apache config file, i set up directory permissions and switch off indexing, but when Tomcat loads, it seems to wipe out these settings and creates a massive security hole! Is this normal behaviour for Tomcat? Can i tweak a configuration to make it handle these permissions correctly. Im guessing that the problem is in the apache-tomcat config file which ive included below. If anyone has any ideas on what has happened, it would be really, really helpful. thanks! Craig tomcat-apache.conf ------------------ LoadModule jserv_module modules/ApacheModuleJServ.dll ApJServManual on ApJServDefaultProtocol ajpv12 ApJServSecretKey DISABLED ApJServMountCopy on ApJServLogLevel notice ApJServDefaultPort 8007 ApJServMount / /ROOT <Location /connect/ > AllowOverride None deny from all </Location> ApJServMount /servlet /ROOT