Re: Security RISK !

Tim Funk Tue, 22 Oct 2002 11:12:35 -0700

You'll want to protect your WEB-INF directory as well as any properties files. You can do that by using by the following in your httpd.conf: (This should be the syntax)

<Files ~ "\.properties$">
Order allow,deny
Deny from all
Satisfy All
</Files>

<Directory ~ "/WEB-INF/">
Order allow,deny
Deny from all
Satisfy All
</Directory>

Sigurður Bjarnason wrote:

Hi all

I am using apache 1.3 and tomcat 4.0.4 together


I use apache to serve all the static content, witch I have a special directory for and Tomcat serve all the jsp and servlet stuff..

The question is.. is there any security risk if I Have the Apache DocumentRoot pointing straight to the webapps folder ?!
¨
Best Regards
Siggi


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@;jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@;jakarta.apache.org>

Re: Security RISK !

Reply via email to