Why a proxy? Apache's Tomcat is a complex beast whose primary role is to render JavaServer Pages. While it can be configured to use and serve the modern web it's often an unnecessarily complex procedure. By using a dedicated reverse-proxy server such as nginx it allows you to separate web applications from the task of web serving. Use a solo instance of… Continue reading Nginx as a reverse-proxy to Apache Tomcat
Introduction In this guide I will walk through the process of hardening HTTPS connectors used by Apache Tomcat. As unfortunately the default configuration of Ubuntu 14.04 LTS using Tomcat 7 and OpenJDK 7 are vulnerable to a number of attacks and weak encryptions. You can test your own site’s HTTPS implementation against these weaknesses at… Continue reading Secure and harden Apache Tomcat’s SSL/TLS
This entry will guide through the process of creating a self-signed certificate to use on an Apache Tomcat 7 or 8 HTTPS connector. Self-signed certificates allow secure, encrypted HTTPS connections but are not certified by any trusted certificate authority. So first time client connections will receive all kinds of warnings from their web browser. Because of… Continue reading Create self-signed certificates for HTTPS with Apache Tomcat
Today I will walk through how to put into practice use the Tuckey URL Rewrite java web filter under an Apache Tomcat web server. URL rewriting is the method of converting complex URL parameters into more human readable format to allow more simple and memorable URLs. This can be an important function if you start… Continue reading Tuckey URLRewrite How-To
This entry will walk you through step by step to enable you from within Eclipse to start and shutdown a custom install of the open source CFML engine Railo running off Apache Tomcat. Most importantly though you will be able to implement this without the need of touching any fickle XML Tomcat configuration files. This… Continue reading Embed a Railo ColdFusion/CFML Server within your CFEclipse/Eclipse application with no need for XML configurations.
Updated August 2014: Tested to work with the latest Railo and UrlRewriteFilter versions. In this example I will show you how to quickly and dynamically lock down your server to block access to the Railo administration features that are enabled by default. This modification will require an additional download and the restarting of each Railo… Continue reading Secure Railo Administration (railo-context) On Your Railo Server.
This article written in early 2009 is out of date. This tutorial assumes you have a basic knowledge of virtualisation, Linux and the use of the command line. It will walk you through though and explain most things in detail. I created this tutorial mainly for ColdFusion and CFML developers who create applications and need… Continue reading Install Railo on a simple, barebones, Ubuntu Server Linux within a Sun VM Virtual Box virtual machine