CIS Apache Tomcat Server Benchmark v.1.0.0

Release Date: Sun Dec 13 12:38:35 2009  

This document, Security Configuration Benchmark for Apache Tomcat 5.5/6.0, provides prescriptive guidance for establishing a secure configuration posture for Apache Tomcat versions 5.5 - 6.0.20 running on Linux. This guide was tested against Apache Tomcat 5.5 and 6.0.20 as installed by tar packages provided by Apache.

Acknowledgements

The CIS community thanks the entire consensus team with special recognition to the following individuals who contributed greatly to the creation of this guide:

Authors:

• Adam Ely, TiVo, Inc.
• Raymond Forbes

Maintainers:

• Blake Frantz, Center for Internet Security

Contributors:

• Alan Tetrault
• Bedirhan Urgun
• Blake Frantz, Center for Internet Security
• Harold Cochran
• Jasaun Neff
• Mark Thomas
• Mike de Libero, MDE-Development, LLC.

---

Download