This section stresses the importance of blocking non-essential port access at the firewall.
Rationale
Important:
We recommend working with your systems/network administrator to block access to all non-essential ports at the firewall.
- It is easy to issue commands to Tomcat if you know:
- the correct port number; and
- the command expected on that port.
- Unless you are on a private network, you need a firewall to restrict who is allowed to access network ports.
Keep In Mind
- Port
8080
should have unrestricted access unless you plan to proxy requests to the Tomcat Servlet Container from an HTTP server. - If you are using any of the TDS monitoring and debugging tools, or the Tomcat Manager application, you must also open up port
8443
.
Resources
-
Your local systems/network administrator: