you most definitely don't want to run your web application as root! never-ever!!
make it as secure as possible - it will be hacked, it's just a matter of time (and popularity :) )
run tomcat as another user ('tomcat' or such) that can only read/write (if required) to its own dir.
as for port redirection, I'd recommend using iptables, just as you showed.
alternatively you can do an apache redirect as described here.
if you have a larger site and use hardware loadbalancers, you might map port 80 on the VIP to port 8080 on your web servers, in which case you don't have to do anything on the server side, and tbh, this is the best approach.
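
An added example, not part of the original answer: shell helpers that print the iptables rules for the 80 to 8080 redirect and check `ps` output for a Tomcat JVM still owned by root. The OUTPUT rule for loopback traffic and the sample process lines are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: helpers for a non-root Tomcat behind an iptables redirect.
# Assumption: Tomcat listens on unprivileged port 8080, as in the answer above.

# Print (do not apply) the NAT rules that send port 80 to the unprivileged port.
redirect_rules() {
    port="${1:-8080}"
    # Traffic arriving from the network.
    echo "iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports $port"
    # Locally generated traffic never traverses PREROUTING (added assumption:
    # you also want http://localhost/ to reach Tomcat).
    echo "iptables -t nat -A OUTPUT -o lo -p tcp --dport 80 -j REDIRECT --to-ports $port"
}

# Read "USER ARGS..." lines (the format of `ps -eo user=,args=`) on stdin.
# Prints every Tomcat JVM owned by root and returns 1 if any was found.
find_root_tomcat() {
    awk '$1 == "root" && /org\.apache\.catalina\.startup\.Bootstrap/ { print; bad = 1 }
         END { exit bad }'
}

# Constructed sample input; on a real host use: ps -eo user=,args= | find_root_tomcat
SAMPLE_PS='root /usr/sbin/sshd -D
tomcat /usr/bin/java -classpath /opt/tomcat/bin/bootstrap.jar org.apache.catalina.startup.Bootstrap start'

redirect_rules 8080
if printf '%s\n' "$SAMPLE_PS" | find_root_tomcat; then
    echo "OK: no Tomcat process is running as root"
else
    echo "FAIL: the Tomcat process listed above is running as root"
fi
```

Run the printed iptables commands as root once they look right; Tomcat itself stays on 8080 under its own account.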