Tomcat 奇淫绝技

隐藏tomcat名称

修改conf/service.xml文件, server属性

<Connector
        executor="tomcatThreadPool"
        port="8080"
        protocol="org.apache.coyote.http11.Http11Nio2Protocol"
        connectionTimeout="20000"
        maxConnections="10000"
        redirectPort="8443"
        enableLookups="flase"
        acceptCount="100"
        maxPostSize="10485760"
        disableUploadTimeout="true"
        acceptorThreadCount="2"
        URIEncoding="utf-8"
        server="new api from tomcat8 server"
        />

禁用SHUTDOWN命令

tomcat初始输入命令telnet localhost 8005 SHUTDOWN就会关闭tomcat, 这是很危险了! 为了我们的安全关闭这个东西.

修改conf/service.xml文件, 8005改成-1

<Server port="-1" shutdown="SHUTDOWN">

传输压缩

在进行网络传输时, 进行静态文件等压缩处理

<Connector port="8080" 
    protocol="HTTP/1.1" 
    connectionTimeout="20000" 
    redirectPort="8443" 
    compression="on" 
    compressionMinSize1="2048" 
    noCompressionUserAgents="gozilla, traviata" 
    compressableMimeType="text/html,text/xml,text/javascript,text/css,text/plain,application/octet-stream"/>

参考

• Tomcat 6 文档: https://tomcat.apache.org/tomcat-6.0-doc/config
• Tomcat 7 文档: https://tomcat.apache.org/tomcat-7.0-doc/config/
• Tomcat 8 文档: https://tomcat.apache.org/tomcat-8.0-doc/config/