1. Change Server Header Response
In server.xml
<Connector port=”80″ protocol=”HTTP/1.1″
connectionTimeout=”20000″
redirectPort=”8443″
server=”<WhatEverYouWant2Show>”/>
2. Undeployed below applications
– / -> Root app which displays Tomcat Welcome page
– /docs -> which shows Tomcat documentation on http://ip/docs
– /examples -> It shows Tomcat examples page on http://ip/examples
3. Restrict access to manager and host-manager apps.
– Open TOMCAT_HOME/webapps/manager/META-INF/context.xml and added below “valve” settings in Context
<Valve className=”org.apache.catalina.valves.RemoteAddrValve”
allow=”XXX.XXX.XXX.XXX”/>
– Enter IP address or range from which you want to access manager or host-manager app. Also make sure that context has privileged=”true”
4. Changed manager & host-manager apps URL. For this rename TOMCAT_HOME/webapps/manager to TOMCAT_HOME/webapps/<new-name>
5. Redirect Tomcat error pages to custom page.
– Created custom error.jsp & store it in TOMCAT_HOME/webapps/<Application>/ folder
– Open TOMCAT_HOME/webapps/<Application>/WEB-INF/web.xml and go to the end of file, where default error pages have mentioned. for eg.:
<error-page>
<error-code>401</error-code>
<location>/WEB-INF/jsp/401.jsp</location>
</error-page>
And change “/WEB-INF/jsp/401.jsp” to “/error.jsp”
Need to do this inside manager and host-manager apps also.
At the end Restart tomcat to update new changes.