Hello All, My web application is currently in System Testing Phase. I am planning for the production implementation and I like to get some expert opinion from you all.
We will install Tomcat 4.1.24 on a server which is behind our corporate firewall. The port that Tomcat uses, e.g. port 8888, will be open to public due to the fact that this application will be accessed from our offices all over the world thru the internet. Now, my question is that, what is the common practice to guard against people accessing the catalina_home directory? I plan to install Tomcat on the D drive instead of the C drive where the OS resides. Just in case if the Windows OS is compromised, it may or may not affect Tomcat. Since this is the first time I have application used by people outside our corporate firewall, I like to hear your thoughts. Thank you very much.
