To set SSL on Tomcat, we need a digital certificate that can be created using Java keytool for the development environment. For the production environment, you should get a certificate from trusted providers such as Lets’ Encrypt...
In this quick article I'll show you how you can check Apache Tomcat version. We will be using only the cmd and a method from catalina.jar
The information has been provided by Rodrigo Marcos. A recent Apache vulnerability has been made public whereby an attacker could gain unauthorised access to content in the DMZ network: The mod_proxy module in the Apache HTTP Server 1...
Slowloris is a denial-of-service attack program that allows an attacker to overwhelm a targeted server by opening and maintaining many simultaneous HTTP connections between the attacker and the target.
On Apache you can restrict access by IP address in either the virtualhost directives or the .htaccess files.
On a website that is password protected using Apache basic authentication to auto-renew SSL we need to make the .well-known folder to be accessible without password. Password protected Apache website: <Directory "/var/www/html/"> AuthType...
When Apache Directory Index is enabled, if you browse to a url that have no index file present, you will see list of all files. This is not good for securiy as hackers can see all files present in the directory.