====== Configuring and setting up Tomcat ======

===== Intro =====


===== Conventions used in this document =====

CATALINA_HOME refers to the path of your Tomcat installation. In Unix, you should 
refer it as $CATALINA_HOME, while in Windows it will be referred as %CATALINA_HOME%.

===== Security =====

==== Disable AJP if you aren't going to use through apache ====

AJP it's a protocol to connect Apache with a Java Application Server, like Tomcat. 

If you don't plan to use Apache in front of Tomcat, disable AJP. Open the CATALINA_HOmE/conf/server.xml file and 
disable this line: 

<code xml>
    <!-- Define an AJP 1.3 Connector on port 8009 -->
    <!-- Connector port="8009" protocol="AJP/1.3" redirectPort="8443" / -->
</code>

==== Disable autodeploy if you are going to use Tomcat in a production environment ====

Autodeploy means that every web application created under CATALINA_HOME/webapps
is automatically deployed; every JSP compiled, etc. This is not necessary for 
production sites for two reasons: 1) it burdens the load of Tomcat checking every X seconds
if new content has dropped and 2) it could be potentially dangerous if a hacker can 
put new content into this directory. 

To disable it, open CATALINA_HOME/conf/server.xml and locate 
this: 

<code xml>
      <Host name="localhost"  appBase="webapps"
            unpackWARs="true" autoDeploy="true">
</code>

and put a false in the attributes ''unpackWARs'' and ''autoDeploy'':

<code xml>
      <Host name="localhost"  appBase="webapps"
            unpackWARs="false" autoDeploy="false">
</code>

~~DISQUS~~