Tomcat 7 Hardening Guide


continuing our tradition from last year (see here and here), we summarized more of our hardening recommendations for you. This guide is covering Tomcat 7 and is supposed to provide a solid base of hardening measures. It includes configuration examples and all necessary commands for each control, specifically for the most recent branch of Tomcat as there were some significant changes. Download: ERNW_Checklist_Tomcat7_Hardening.pdf

Have a good one,



    1. Stephen,

      thank you very much for the comment! The document was composed in the course of a specific question set which required this particular SSL configuration. However we will incorporate your comments in the next version, as this should be a generic hardening guide.

      Thanks & have a good one,

Comments are closed.