47.2.1.?server.xml

47.2.1.1.?Connector

tomcat 端口默認為8080, 可以通過修改下面port項改為80端口，但不建議你這樣使用80端口,tomcat 會繼承root權(quán)限，這是非常危險的做法。

<Connector port="80" protocol="HTTP/1.1"connectionTimeout="20000"redirectPort="8443" />

性能調(diào)整

<Connector port="8080" protocol="HTTP/1.1"connectionTimeout="20000"redirectPort="8443"maxThreads="2048" /><Connector port="8080" protocol="HTTP/1.1"maxThreads="2048"minSpareThreads="64"maxSpareThreads="256"acceptCount="128"enableLookups="false"redirectPort="8443"debug="0"connectionTimeout="20000"disableUploadTimeout="true"URIEncoding="UTF-8" /> maxThreads="4096" 最大連接數(shù) minSpareThreads="50" 最小空閑線程 maxSpareThreads="100" 最大空閑線程 enableLookups="false" 禁止域名解析 acceptCount="15000" connectionTimeout="30000" 超時時間 redirectPort="8443" disableUploadTimeout="true" URIEncoding="UTF-8" UTF-8編碼 protocol="AJP/1.3" AJP協(xié)議版本

47.2.1.1.1.?HTTPS

<Connector port="443" maxHttpHeaderSize="8192"maxThreads="150" minSpareThreads="25" maxSpareThreads="75"enableLookups="false" disableUploadTimeout="true"acceptCount="100" scheme="https" secure="true"SSLEngine="on"SSLCertificateFile="${catalina.base}/conf/localhost.crt"SSLCertificateKeyFile="${catalina.base}/conf/localhost.key" />

47.2.1.1.2.?compression

壓縮傳送數(shù)據(jù)

compression="on" compressionMinSize="2048" noCompressionUserAgents="gozilla, traviata" compressableMimeType="text/html,text/xml,text/plain,text/javascript,text/css"

47.2.1.1.3.?useBodyEncodingForURI

如果你的站點編碼非UTF-8,去掉URIEncoding="UTF-8"使用下面選項.

useBodyEncodingForURI="true"

47.2.1.1.4.?隱藏Tomcat版本信息

在Connector中加入server="Neo App Srv 1.0"

vim $CATALINA_HOME/conf/server.xml<Connector port="80" protocol="HTTP/1.1"connectionTimeout="20000"redirectPort="8443"maxThreads="8192"minSpareThreads="64"maxSpareThreads="128"acceptCount="128"enableLookups="false"server="Neo App Srv 1.0"/> # curl -I http://localhost:8080/ HTTP/1.1 400 Bad Request Transfer-Encoding: chunked Date: Thu, 20 Oct 2011 09:51:55 GMT Connection: close Server: Neo App Srv 1.0

47.2.1.2.?Context

配置虛擬目錄

例如我們需要這樣的配置

http://www.netkiller.cn/news http://www.netkiller.cn/member http://www.netkiller.cn/product

實現(xiàn)方法

<Host name="localhost" appBase="/www/example.com" unpackWARs="true" autoDeploy="true"><Alias>www.example.com</Alias><Context path="news" docBase="www.example.com/news" reloadable="false"></Context><Context path="member" docBase="www.example.com/member" reloadable="false"></Context><Context path="product" docBase="www.example.com/product" reloadable="false"></Context></Host>

47.2.1.2.1.?應用程序安全

關閉war自動部署 unpackWARs="false" autoDeploy="false"。防止被植入木馬等惡意程序

關閉 reloadable="false" 也用于防止被植入木馬

47.2.1.2.2.?JSESSIONID

修改 Cookie 變量 JSESSIONID， 這個cookie 是用于維持Session關系。建議你改為PHPSESSID。

<Context path="" docBase="path/to/your" reloadable="false" sessionCookieDomain=".example.com" sessionCookiePath="/" sessionCookieName="PHPSESSID" />

47.2.2.?tomcat-users.xml

<?xml version='1.0' encoding='utf-8'?> <tomcat-users><role rolename="manager"/> <user username="tomcat" password="QI0Ajp7" roles="manager"/></tomcat-users>

狀態(tài)監(jiān)控 http://localhost/manager/status

服務管理 http://localhost/manager/html/list

<tomcat-users> <!--NOTE: By default, no user is included in the "manager-gui" role requiredto operate the "/manager/html" web application. If you wish to use this app,you must define such a user - the username and password are arbitrary. --> <!--NOTE: The sample user and role entries below are wrapped in a commentand thus are ignored when reading this file. Do not forget to remove<!.. ..> that surrounds them. --> <!--<role rolename="tomcat"/><role rolename="role1"/><user username="tomcat" password="tomcat" roles="tomcat"/><user username="both" password="tomcat" roles="tomcat,role1"/><user username="role1" password="tomcat" roles="role1"/> --><role rolename="manager-gui"/><role rolename="manager-script"/><role rolename="manager-jmx"/><role rolename="manager-status"/><user username="tomcat" password="tomcat" roles="manager-gui,manager-script,manager-jmx,manager-status"/><role rolename="admin-gui"/><role rolename="admin-script"/><user username="admin" password="admin" roles="admin-gui,admin-script"/></tomcat-users>

47.2.3.?context.xml

context.xml 主要用于配置 數(shù)據(jù)庫連接池

開啟熱部署，生產(chǎn)環(huán)境不建議使用

<Context reloadable="true">

47.2.3.1.?Resources

org.apache.catalina.webresources.Cache.getResource Unable to add the resource at [/WEB-INF/lib/netkiller.jar] to the cache because there was insufficient free space available after evicting expired cache entries - consider increasing the maximum size of the cache

<Resources cachingAllowed="true" cacheMaxSize="100000" />

47.2.3.2.?session cookie

<Context sessionCookieName="PHPSESSID" sessionCookieDomain=".example.com" sessionCookiePath="/"><!-- ... --> </Context>

47.2.4.?logging.properties

修改日志目錄

1catalina.org.apache.juli.FileHandler.level = FINE #1catalina.org.apache.juli.FileHandler.directory = ${catalina.base}/logs 1catalina.org.apache.juli.FileHandler.directory = /www/logs/tomcat 1catalina.org.apache.juli.FileHandler.prefix = catalina.

47.2.5.?catalina.properties

配置跳過掃描*.jar

tomcat.util.scan.StandardJarScanFilter.jarsToSkip=\*.jar

context.xml

<JarScanner scanClassPath="false"/>

原文出處：Netkiller 系列 手札
本文作者：陳景峯
轉(zhuǎn)載請與作者聯(lián)系，同時請務必標明文章原始出處和作者信息及本聲明。

總結(jié)

以上是生活随笔為你收集整理的47.2. 配置 Tomcat 服务器的全部內(nèi)容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網(wǎng)站內(nèi)容還不錯，歡迎將生活随笔推薦給好友。