How-TO -> TOMCAT SECURE From WHM you can SETUP TOMCAT, but... The Security/Config?

[Mr Sanchez]

Hello,

Team POWER setup TOM (surely from WHM >> Manage Plugins).
And he say:

The admin url is http://servername.mydomain.com:8080/
The admin user is root
The admin password is 8IoSnsGqcCS

And he say: "Remember we no support this if you need support in TOM then pay to we US $150 by hour."


Then... Please somebody can help to we?

1. Is possible give ADMIN + PASSWORD different to each customer? How?

But the more important: Security

1. How avoid by example USERX run command "format disk" from JSP?
2. How avoid user malicious run command similar to "copy /home/OTHER/USERS to /home/hacker/" ?
3. Maybe (As in PHP) we need disabled functions?, whom?, how?

What we can do with:

The admin user is root
The admin password is 8IoSnsGqcCS

Where we used this?

Any help: THANKS.

We want offert TOMCAT to new customers is all. But we unknow ALL about of security of TOMCAT.

Our VPS run with APACHE PHP-Suexec.
Exist some similar to "Apache TOM-Suexec"? We no believe but our fear is users from TOM/JAVA can read /etc/passwd or some actions similar.

Newly THANKS.

[nimbar]

Hello, I would suggest you to edit your post and delete that password from it...a forum is not a good place to public such stuff. Good luck with your Tomcat!.

[Mr Sanchez]

Thanks Nimbar.
(Hablas español?)

Some help to config the "Panel Manager"?

[Martin]

some news about this ? I just installed tomcat with easyapache and after adding servlets from whm to an account, I see the jsp test page do not work, it show the jsp code:

http://74.204.172.128/~hostelha/jsptest.jsp