Older versions of Apache Tomcat, as well as the older servlet specifications, required several configuration values to be set. With servlet 3, you can now modify the name of the session cookie (as well as the ‘rewriting’ attribute name) in the web.xml file.
In web.xml (servlet 3.x):
<session-config><cookie-config><name>mysessionid</name><!-- default is JSESSIONID --></cookie-config></session-config>
Alternatively, for Tomcat 7, modify the Context element:
<Context path="/exampleApp" sessionCookieName="myid">
If you are using Spring Security, then you should try setting the disable-url-rewriting attribute of the <http> element to true.
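A check that URL rewriting is really off, as an added example (not code from the original post): it scans access-log lines for a session id carried as a `;name=value` path parameter in the request path or the Referer. The function name, the log format (Apache combined) and the sample lines are assumptions; only the parameter name is reported, never the id itself.

```python
import re

# Constructed sample access-log lines (Apache combined format), not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Jan/2014:10:00:00 +0000] "GET /exampleApp/home HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [01/Jan/2014:10:00:02 +0000] "GET /exampleApp/cart;jsessionid=0A1B2C3D4E5F HTTP/1.1" 200 734 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [01/Jan/2014:10:00:09 +0000] "GET /exampleApp/a.css HTTP/1.1" 200 90 '
    '"http://example.com/exampleApp/cart;mysessionid=FFEE0011?x=1" "Mozilla/5.0"',
]

# Request line, status, size, then the quoted Referer field.
LINE_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" \d{3} \S+ "(?P<referer>[^"]*)"'
)


def find_session_ids_in_urls(lines, param_names=("jsessionid", "mysessionid")):
    """Return (line_no, field, param) for every session id carried in a URL.

    param_names must include the renamed 'rewriting' attribute if the
    session cookie name was changed as described above.
    """
    names = "|".join(re.escape(n) for n in param_names)
    # Servlet containers append the id as a path parameter: ";name=value"
    sid_re = re.compile(r";(%s)=[^;?#/\s]+" % names, re.IGNORECASE)
    hits = []
    for no, line in enumerate(lines, 1):
        m = LINE_RE.search(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        for field in ("path", "referer"):
            found = sid_re.search(m.group(field))
            if found:
                # Record the parameter name only; the id value is a credential.
                hits.append((no, field, found.group(1).lower()))
    return hits


if __name__ == "__main__":
    for hit in find_session_ids_in_urls(SAMPLE_LOG):
        print("session id in URL: line %d, field %s, parameter %s" % hit)
```

An empty result over a day of traffic is the evidence that the rewriting setting took effect; a hit in the Referer field means the id has already leaked to another request.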
I often find it necessary to set up a temporary server for testing web applications. The easiest way to support this is often to create an integration (beta) test server that can be configured to support multiple hosts.
sudo apt-get install apache2
sudo a2enmod proxy
sudo a2enmod proxy_http
sudo a2enmod rewrite
sudo chmod 755 /var/www
To add a new site:
cd /etc/apache2/sites-available
sudo cp 000-default.conf yourdomain.com.conf
sudo vi yourdomain.com.conf
(change values as appropriate)
sudo chown -R YOURUSER:YOURGROUP yourdomain.com.conf
sudo mkdir -p /var/www/yourdomain.com
sudo chmod 755 /var/www
sudo vi /var/www/yourdomain.com/index.html
(add some fluff)
sudo chown -R YOURUSER:YOURGROUP /var/www/yourdomain.com
sudo a2ensite yourdomain.com
sudo service apache2 reload
sudo service apache2 restart
NOTE: replace YOURUSER and YOURGROUP with appropriate values for your server.
There’s yet another new means to ‘help’ client User-Agents prevent XSS on your websites.
In its simplest form you can use the following HTTP header(s); the second one is for earlier versions of WebKit (Chrome/Safari):
Content-Security-Policy: default-src 'self'
X-WebKit-CSP: default-src 'self'
You can also add to the above to permit assets to load from other sources.
Content-Security-Policy: default-src 'self'; script-src http://example.com
Additionally, while failures are noted in the client’s browser console (which most users are not aware of), you can have them sent back to your server by adding a ‘report-uri’ directive with an appropriate handler:
Content-Security-Policy: default-src 'self'; report-uri http://example.com/csp-report.php
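One way to handle the reports a browser POSTs to the report-uri, as an added example in Python (not the csp-report.php handler from the original post). The function names, the size limit and the sample report are assumptions; the point is that the report body comes from the client and must be validated before it is logged.

```python
import json

MAX_BODY = 8192  # assumed limit; violation reports are small
FIELDS = ("document-uri", "violated-directive", "blocked-uri")
ACCEPTED_TYPES = ("application/csp-report", "application/json")

# The policy from the text above, as a directive map.
POLICY = {
    "default-src": ["'self'"],
    "script-src": ["http://example.com"],
    "report-uri": ["http://example.com/csp-report.php"],
}

# Constructed sample report body; the blocked-uri carries an embedded newline
# to show why fields are sanitized before they reach a log file.
SAMPLE_BODY = json.dumps({"csp-report": {
    "document-uri": "http://example.com/page.html",
    "violated-directive": "script-src http://example.com",
    "blocked-uri": "http://cdn.example.net/x.js\nFAKE ENTRY",
}}).encode("utf-8")


def build_csp(directives):
    """Serialize a directive map into a Content-Security-Policy header value."""
    return "; ".join("%s %s" % (name, " ".join(vals))
                     for name, vals in directives.items())


def parse_csp_report(content_type, body):
    """Validate a violation report; return a flat dict of strings or None."""
    if content_type.split(";")[0].strip().lower() not in ACCEPTED_TYPES:
        return None
    if len(body) > MAX_BODY:
        return None
    try:
        report = json.loads(body.decode("utf-8"))["csp-report"]
    except (ValueError, KeyError, TypeError):
        return None  # not JSON, or not shaped like a report
    if not isinstance(report, dict):
        return None
    record = {}
    for key in FIELDS:
        # Keep known fields only, truncated, with control characters removed
        # so a client cannot inject extra lines into the log.
        value = str(report.get(key, ""))[:512]
        record[key] = "".join(ch for ch in value if ch.isprintable())
    return record


if __name__ == "__main__":
    print("Content-Security-Policy:", build_csp(POLICY))
    print(parse_csp_report("application/csp-report", SAMPLE_BODY))
```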
There are a few steps that I generally take to set up a new Tomcat server instance. These enable the following:
- The manager console
- HTTP compression
- UTF-8 encoding
- tomcat-users.xml – add to bottom (substitute your own password):
<user username="tomcat" password="s3cr3t" roles="manager-gui"/>
- server.xml – add compression and URIEncoding, change port if desired:
<Connector port="8080" protocol="HTTP/1.1"
redirectPort="8443" compression="on" URIEncoding="UTF-8" />
- server.xml – relocate webapps by adding ../ to appBase
<Host name="localhost" appBase="../webapps"
- Restart your server, on Ubuntu use:
sudo service tomcat7 restart
Often you find a need to keep an old copy of Firefox around for testing or to use a specific plugin (Example: Selenium). In these cases it can often prove problematic to allow the browser to auto-update. Here are some simple steps to prevent this behavior.
Type “about:config” into the Firefox URL bar, then change the following values. You can click on them to toggle.
app.update.auto = false
app.update.enabled = false
Alternately, on Windows you can edit the config file at:
After updating the JDK on my development workstations, NetBeans started reporting the following at each start up.
Cannot locate java installation in specified jdkhome:
Do you want to try to use default version?
[ Yes | No ]
Thankfully, after a little searching, I found that the solution is very simple. You can change the value or comment it out with a # in:
C:\Program Files\NetBeans #.#.#\etc\netbeans.conf
I recently had to use a Windows computer with Cisco NAC installed, and found that there was a lot of disk activity for logging.
These files would grow to approximately 5MB before rotation.
C:\Documents and Settings\All Users\Application Data\Cisco\Cisco NAC Agent\logs\NACAgentLogCurrent.log
C:\Documents and Settings\All Users\Application Data\Cisco\Cisco NAC Agent\logs\NACAgentLogOld.log
To reduce this overhead (when no problems exist), edit the agent's XML config file:
C:\Program Files\Cisco\Cisco NAC Agent\NACAgentCFG.xml
- Add the LogFileSize element, or change its value, to 0 (zero) as shown below:
<?xml version="1.0" ?>
<LogFileSize>0</LogFileSize><!-- default 5 -->
- Remove the old .log files
NOTE: if you ever have networking issues and require support, you will need to restore the default value to ‘5’.
If you take a close look at your logs you may occasionally see requests for a file named wpad.dat. This file is related to automatic proxy configuration in many browsers.
To provide this capability to your users and website,
Default behavior is to traverse the domain in reverse, looking for one with a file named
Example (using my domain for example):
- Then in httpd.conf, set the MIME type:
AddType application/x-ns-proxy-autoconfig .pac
- Also in httpd.conf, add a redirect to the actual file you wish to use.
Redirect permanent /wpad.dat http://www.giantgeek.com/proxy.pac
- In the new file, add the following default contents, modify if you use a proxy:
/* 'proxy.pac' - This is the main function called by any browser
NOTE: there is NO proxy!
*/
function FindProxyForURL(url, host)
{
return "DIRECT";
} // End function FindProxyForURL
There may come a time when you want to change server behaviors for a specific path on your web server. Oftentimes this becomes necessary if you host web sites that the customer wants to manage externally.
There are only a few small changes required:
- In your httpd.conf file…
# use .htaccess files for overriding,
AccessFileName .htaccess
# and never show any file starting with .ht
<files ~ "^\.ht">
Deny from all
</files>
- Then for the paths (or virtual hosts), you’ll need to add this line:
- Add the appropriate .htaccess files where needed.
DISCLAIMER: This technique CAN result in performance improvements, but should be put in your main server configuration file (httpd.conf), rather than in .htaccess files. These files, by their very nature, cause performance degradation on your website, and so should be avoided whenever possible as they require an increase in file I/O (reads) on the server.
After a clean install, or simply access to a new machine, I often find it helpful to enable colored prompts in the terminal/command line environment.
For standard Ubuntu / Debian / Linux environments, this only requires you to remove a comment from a single line in a config file.
In /home/%USERID%/.bashrc you will find the following text; the last line simply needs to have the hash removed:
# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
#force_color_prompt=yes
Open vi/vim or your editor of choice and remove it and you are done!
NOTE: If you are using Nautilus, you will not see this file as it is hidden, choose “View”, “Show Hidden Files” (CTRL-H) and it should appear.