Securing Pebble, Roller, and Java web apps in general

« Parsing RSS with... | Main | del.icio.us »

Securing Pebble, Roller, and Java web apps in general

Simon Brown has been posting a number of good recommendations for securiting Pebble, but which apply to just about any Java web app. If you are running a public Roller server you should at least implement recommendations #1 and #2.

#1 Disable JSP compilation
#2 Don't run your server as root
#3 Use the Java security model

Additionally, for Roller site admins: if you are running Roller 0.9.8, make sure you are running with the latest security patch, see the Roller project blog for details. If you are running Roller 0.9.9 from CVS make sure you have updated your site since August 2, 2004.

Dave Johnson in Roller 06:54PM Sep 02, 2004 Comments [0]
Tags: Roller

Comments:

Welcome

This is just one entry in the weblog Blogging Roller. You may want to visit the main page of the weblog

Related entries

Below are the most recent entries in the category Roller, some may be related to this entry.

Upgraded to Roller 6.1.1
Roller 6 released
Powered by Digital Ocean Kubernetes
Roller 6.0.0-SNAPSHOT
Roller's new web UI
Powered by Postgresql and Docker Swarm
Modernizing the Roller UI
Now hosted on DigitalOcean
Apache Shiro for authentication in Roller
Upgraded to latest 5.1.0-SNAPSHOT