>> I agree with your comment. Adding a second box for Tomcat only means I >> also have to configure a firewall between them, whereas using >> 127.0.0.x for Tomcat protects it completely.
> No it doesn't! > Obfuscation or indirection != security. > HTTPD doesn't magically provide you with some extra security capability. I don't know what you're talking about. I didn't mention HTTPD in the message you quoted. I mentioned 127.0.0.x, and it does exactly what I said it does. There is no 'security via obscurity' here, just a well-known TCP mechanism. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org