Home Accessibility Courses Twitter The Mouth Facebook Resources Site Map About Us Contact
Python and Tcl - public course schedule [here]
Private courses on your site - see [here]
Please ask about maintenance training for Perl, PHP, Lua, etc
Tomcat - Shutdown port

On a new installation of Tomcat (default config files), you'll notice that your server.xml file is set up with a shutdown port of 8005, and shutdown="SHUTDOWN". What does this mean?

It means that anyone who contacts the server locally on port 8005 and send it the words SHUTDOWN can cause Tomcat to close out all its web applications and shut down cleanly. Yikes - is this a security hole of what? It could be. Fortunatly , you'll notice that I said it's a LOCAL connection to the port that causes a shutdown, so it no-one can ssh or telnet in, nor log in from the keyboard unless they're an admin, it might not be a problem ....

If your Tomcat server allows anyone except the administrator to log in with a shell, then I strongly suggest you change shutdown="SHUTDOWN" to shutdown="waSS-I41tis" so that at least it won't be a string that any hacker can guess. You might like to change the port number too. Alas, it would be unwise to disable the facility completely, since catalina.sh and shutdown.sh use the port (details read from the config file) as part of their processing. At least server.xml is neither group nor world readable.

waSS-I41tis => "what a STUPID SYSTEM - I for one think it's silly"
(written 2006-08-18)

Associated topics are indexed as below, or enter http://melksh.am/nnnn for individual articles
A652 - Web Application Deployment - Tomcat -Sourcing, Installing and Initial Testing
  [3819] Packing a tar, jar or war file - best practise - (2012-07-26)
  [2088] Changing the 404 - file not found - page in Tomcat - (2009-03-18)
  [1550] Java (JSP and Servlet examples) live on our server - (2008-02-23)
  [1049] Java 6, Apache Tomcat 6. - (2007-01-21)

A654 - Web Application Deployment - Configuring and Controlling Tomcat
  [3043] Gathering information - logging - with log4j. First steps. - (2010-11-12)
  [2652] Reading and writing cookies in Java Servlets and JSPs - (2010-02-26)
  [2163] CATALINA_OPTS v JAVA_OPTS - What is the difference? - (2009-05-09)
  [2061] Tomcat 6 - Annotated Sample Configuration Files - (2009-03-01)
  [2039] The Invoker - (2009-02-13)
  [1994] tomcat-users.xml; what a difference a space made - (2009-01-16)
  [1943] Port and Glasses - (2008-12-14)
  [1762] WEB-INF (Tomcat) and .htaccess (httpd) - (2008-08-20)
  [1553] Automatic startup and shutdown of Tomcat - (2008-02-24)
  [1503] Web page (http) error status 405 - (2008-01-12)
  [1370] Apache Tomcat Performance Tuning - (2007-09-29)
  [1351] Compressing web pages sent out from server. Is it worth it? - (2007-09-14)
  [914] A practical example of roles - (2006-11-04)
  [907] Browser -> httpd -> Tomcat -> MySQL. Restarting. - (2006-10-28)

  Previous and next
Horse's mouth home
Some other Articles
posts, page by page

This is a page archived from The Horse's Mouth at http://www.wellho.net/horse/ - the diary and writings of Graham Ellis. Every attempt was made to provide current information at the time the page was written, but things do move forward in our business - new software releases, price changes, new techniques. Please check back via our main site for current courses, prices, versions, etc - any mention of a price in "The Horse's Mouth" cannot be taken as an offer to supply at that price.

Link to Ezine home page (for reading).
Link to Blogging home page (to add comments).

Visitor Ranking 5.0 (5=excellent, 1=poor)

edit your own (not yet published) comments

Average page ranking - 5.0

© WELL HOUSE CONSULTANTS LTD., 2019: 404 The Spa • Melksham, Wiltshire • United Kingdom • SN12 6QL
PH: 01225 708225 • EMAIL: info@wellho.net • WEB: http://www.wellho.net • SKYPE: wellho

PAGE: http://www.wellho.net/mouth/837_Tomc ... -port.html • PAGE BUILT: Sat May 27 16:49:10 2017 • BUILD SYSTEM: WomanWithCat