• 9

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191


File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

I have a fairly open ended question. My goal is to ensure that my server is secure and hardened and only using HTTPS/SSL. Certificates installed already etc.

We are only using tomcat for the server. It is serving everything fine. However in doing a security review for the server I noticed that the default "welcome" page for apache was still serving on www.ourdomain.com/index.html

I disabled this through simply renaming the welcome.conf file in httpd/conf.d/ However, I realized that the best way here is really just to disable apache all-together (if that is possible), or redirect all requests from apache to the ports that tomcat is listening on...perhaps?

Thats basically where my question is: * How would I completely disable Apache, since we arent using it at all? * If I do ^^ above would it impact tomcat in any way? (I'm assuming not) * How would I alternatively keep apache httpd running and just redirect all requests to tomcat? What files should I put these redirect rules in? httpd/conf.d/redirect.conf - or something???

I've spent an hour trying to search the internet for anything related to "disable apache while running tomcat" and literally cannot find a single page. Everything talks about integrating apache and tomcat, or redirect rules, etc.

So I am thinking maybe that its not possible or is an obvious thing I am missing here - but I cant see any reason why apache needs to be running at all if tomcat is also a webserver (and we're only using it to serve a java webapp anyway).


Trending Tags