Sorry, i don't understand. The following is in my server.xml, I added the port 4848, but if I go to localhost:4848 and localhost:8080 in my browser, then I'm seeing the same 'tomcat' page that has a way for hackers to click on TomEE Gui, Server Status, Manager App, and Host manager. I only want to see that page when access localhost:4848, I do not want to see that page when accessing localhost:8080.
<Connector port="8080" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> <!-- A "Connector" using the shared thread pool--> <Connector executor="tomcatThreadPool" port="4848" protocol="HTTP/1.1" connectionTimeout="20000" redirectPort="8443" /> On Sun, Dec 9, 2012 at 11:30 AM, Romain Manni-Bucau <rmannibu...@gmail.com>wrote: > Just look tomcat site. Basically connector(s) ports and shutdown port > (<Server> and < Connector>) > Le 9 déc. 2012 17:26, "Howard W. Smith, Jr." <smithh032...@gmail.com> a > écrit : > > > Can you reply with a URL or two that advises how to configure server.xml? > > thanks. > > > > > > On Sun, Dec 9, 2012 at 11:23 AM, Romain Manni-Bucau > > <rmannibu...@gmail.com>wrote: > > > > > That's right, tomee webapp only serve for default ejbd (remote ejb > > > transport). > > > > > > For port just update server.xml > > > Le 9 déc. 2012 17:20, "Howard W. Smith, Jr." <smithh032...@gmail.com> > a > > > écrit : > > > > > > > Romain, > > > > > > > > I have TomEE 1.5.1 running on production server, and I am getting > > > > hack-attempts late at night (midnight) by someone, trying to login to > > > > 'admin' acct of TomEE (tomcat7). I have a strong password and a > > > different > > > > admin-user-name in place. > > > > > > > > I really would like to change configuration to put the tomee app on > > > > localhost:4848 (port 4848) instead of port 80 or 8080. > > > > > > > > I have not been successful at this yet. I think I read in tomee or > > > tomcat7 > > > > user guide, that I can delete the tomee app? I can also delete > > > manager/etc > > > > apps as well, so they won't even be served. Right? > > > > > > > > Howard > > > > > > > > > > > > On Tue, Nov 27, 2012 at 6:06 AM, Romain Manni-Bucau > > > > <rmannibu...@gmail.com>wrote: > > > > > > > > > By default in dev more you should get tomee user (but only to > access > > > > tomee > > > > > webapp, not tomcat one) > > > > > > > > > > if you set openejb.profile to something else (system property) > you'll > > > > need > > > > > to define it explicitely > > > > > > > > > > *Romain Manni-Bucau* > > > > > *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* > > > > > *Blog: **http://rmannibucau.wordpress.com/*< > > > > > http://rmannibucau.wordpress.com/> > > > > > *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* > > > > > *Github: https://github.com/rmannibucau* > > > > > > > > > > > > > > > > > > > > > > > > > 2012/11/27 Howard W. Smith, Jr. <smithh032...@gmail.com> > > > > > > > > > > > Wow, check this out. I'm so glad that you all ship tomee.xml with > > all > > > > > > users/passwords 'commented out'! :) > > > > > > > > > > > > Nov 27, 2012 5:48:05 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > > > "manager" > > > > > > Nov 27, 2012 5:48:05 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > > > "manager" > > > > > > Nov 27, 2012 5:48:06 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > > "role1" > > > > > > Nov 27, 2012 5:48:06 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > > "role1" > > > > > > Nov 27, 2012 5:48:07 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > "root" > > > > > > Nov 27, 2012 5:48:07 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > "root" > > > > > > Nov 27, 2012 5:48:07 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > "root" > > > > > > Nov 27, 2012 5:48:08 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > > "tomcat" > > > > > > Nov 27, 2012 5:48:08 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > > "tomcat" > > > > > > Nov 27, 2012 5:48:09 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > "both" > > > > > > Nov 27, 2012 5:48:09 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > "both" > > > > > > Nov 27, 2012 5:48:09 AM org.apache.catalina.realm.LockOutRealm > > > > > authenticate > > > > > > WARNING: An attempt was made to authenticate the locked user > "both" > > > > > > > > > > > > 88.191.100.2 - - [27/Nov/2012:05:47:58 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:47:59 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:47:59 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:47:59 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:47:59 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:47:59 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:00 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:00 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:00 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:00 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:01 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:01 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:01 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:01 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:01 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:02 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:02 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:02 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:02 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:02 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:03 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:03 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:03 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:03 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:03 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:04 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:04 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:04 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:04 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:04 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:05 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:05 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:05 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:05 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:05 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:06 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:06 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:06 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:06 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:06 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:07 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:07 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:07 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:07 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:07 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:08 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:08 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:08 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:08 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:08 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:09 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:09 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > 88.191.100.2 - - [27/Nov/2012:05:48:09 -0500] "HEAD /manager/html > > > > > HTTP/1.0" > > > > > > 401 - > > > > > > > > > > > > > > > > > > > > >