一、安装步骤
tomcat版本(8.5.81):
tar -zxvf apache-tomcat-8.5.81.tar.gz -C /app/
cd /app/
mv apache-tomcat-8.5.81/ tomcat/
chown -R webapp:app /app/tomcat
二、安全加固
1. 禁止默认页面登录
rm -rf /app/tomcat/webapps
mkdir -p /app/tomcat/webapps
2. 禁止浏览目录
cd /app/tomcat/conf
vi web.xml
<param-name>listings</param-name>
<param-value>false</param-value>
3.禁用版本信息展示
cd /app/tomcat/conf
vi server.xml
在最后的<Host></Host>模块内新增:
<Valve className="org.apache.catalina.valves.ErrorReportValve" showReport="false" showServerInfo="false" />
4.新增error-page定义
cd /app/tomcat/conf
vi web.xml
<!-- <welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
</welcome-file-list> -->
<error-page>
<error-code>404</error-code>
<location>/404.html</location>
</error-page>
<error-page>
<error-code>403</error-code>
<location>/403.html</location>
</error-page>
<error-page>
<error-code>500</error-code>
<location>/500.html</location>
</error-page>
mkdir -p /app/tomcat/webapps/ROOT
cd /app/tomcat/webapps/ROOT
echo 'You Get An Error 404!' > 404.html
echo 'You Get An Error 403!' > 403.html
echo 'You Get An Error 500!' > 500.html
5.重启TOMCAT
/app/tomcat/bin/shutdown.sh && /app/tomcat/bin/startup.sh