Hardening Tomcat version 7.0
Hardening Tomcat version 7.0.56 1) Disable not-needed services using chkconfig command as part of Operating System Hardening. 2) Install latest stable release of Java 3) Remove all contents is Webapps directory Set CATALINA_HOME variable first before executing below commands #CATALINA_HOME="/usr/local/apache-tomcat-7.0.56" #rm -rf $CATALINA_HOME/webapps/docs #rm -rf $CATALINA_HOME/webapps/examples #rm –rf $CATALINA_HOME/server/webapps/host-manager #rm –rf $CATALINA_HOME/server/webapps/manager #rm -rf $CATALINA_HOME/conf/Catalina/localhost/host-manager.xml #rm –rf $CATALINA_HOME/conf/Catalina/localhost/manager.xml 4) Run tomcat from Non-privileged account. Add user tomcat_admin and group tomcat. # groupadd tomcat; useradd -r tomcat_admin -G tomcat;. 5) Set below owner, group and others permission on Tomcat directories chown tomcat_admin:tomcat $CATALINA_HOME chmod g-w,o-rwx $CATALINA_HOME chown tomcat_admin:tomcat $CATALINA_HOME/conf