Note : You need version 2. Log in to post to this feed. Menu Menu. On February 27, , the National Vulnerability Database disclosed that a critical security flaw has existed in Apache Tomcat for the past 13 years. In response to this security vulnerability, the AJP port is now disabled by default. Log in to vote. Filter Feed Refresh this feed.
Skip Feed Nothing here yet? AJP 1. Ask Question. Asked 10 years, 5 months ago. Active 8 years ago. Viewed 34k times. Improve this question. They really should add a property to reassign this.
Oh boy, and now, almost 9 years later we get the ghostcat vulnerability targeting exactly this Add a comment. Active Oldest Votes. Improve this answer. Tomasz Nurkiewicz Tomasz Nurkiewicz k 67 67 gold badges silver badges bronze badges. I disabled Tomcat on , only want to use Apache. This connector supports load balancing when used in conjunction with the jvmRoute attribute of the Engine. Java class name of the implementation to use. This class must implement the org.
Connector interface. You must specify the standard value defined below. Set to true if you want calls to request. By default, DNS lookups are disabled. Set this attribute to the name of the protocol you wish to have returned by calls to request. For example, you would set this attribute to " https " for an SSL Connector. The default value is " http ". Set this attribute to true if you wish to have calls to request.
The default value is false. This implementation supports the JK 1.
0コメント