Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Resolving problems with web application
Top Forums Web Development Resolving problems with web application Post 303045649 by anaigini45 on Monday 6th of April 2020 08:47:22 AM
Old 04-06-2020
Resolving problems with web application
Hi,


There is an application that our team uses that has been throwing "Connection Time Out" errors very often.
We want to resolve this problem ASAP, but we are at a dead end of how to go about resolving this problem.


The application that we use is apache-tomcat-6.0.32. In the same server that this version of tomcat runs, we also have applications running on apache-tomcat-7.0.12.
For the latter, there is no connection time out problems. After further investigation, I found an article that says :


Quote:
Support for Apache Tomcat 6.0.x ended on 31st December 2016. There have been multiple security vulnerabilities announced since then that are very likely to affect the 6.0.x series (once a Tomcat version reaches EOL, it is not assessed to see if it is affected by new security vulnerability reports).
So I believe that this is the cause for the problem ?


To resolve this our team has discussed, and the plan is to upgrade the tomcat to tomcat 8, and josso from 1.8 to josso 2. I have started the setup and config of josso2, however now I am stuck at getting the user credentials from our database.
I am sure this will take some time to resolve, although I cannot estimate how long.


Is there a way to temporarily stop the "Connection Time Out" problem? Is it possible to add some values/variables in workers.properties or any other config file in tomcat to resolve this problem temporarily?
 

4 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Web Server - uploading Frontpage web - will there be problems??

hiya All, New to this Web site stuff. Will be installing Fedora's latest O/S (including Apache) - onto a spare PC Then... Gulp... setting up a Web server. Designing a Web site using WINDOWS FRONT PAGE 2002: * Simply easiest/quickiest way to knock up a basic site. * There won't be... (6 Replies)
Discussion started by: marty 600
6 Replies

2. Web Development

Problems with an application

I gurus Can any guru of networking or applications can help me with this problem please. I Attached a document where I try to explain in detail the problem. So I attached a wireshark capture too. I attached a file where I can explain in detail the problem and a pcap file where you can observe... (7 Replies)
Discussion started by: andresguillen
7 Replies

3. Web Development

Web Application creation on UNIX

Hi, I would like to create an application with HTML front end in Unix. I am working on enterprise Unix server, so I could not install any add ons or software in my machine. but still i have super user permissions. I can change the permissions as i wish. I have built a small application with... (1 Reply)
Discussion started by: Balasankar
1 Replies

4. Web Development

Starting Web Application on Jboss

Hello, I installed Jboss EAP 6 on a remote Linux server in standalone mode, and deployed a HelloWorld war file successfully. Opened a browser on my PC and pointed to http://127.0.0.1:8080/filename. I can see “Hello World!” on my browser. However, if the browser points to http://server's... (3 Replies)
Discussion started by: learnix
3 Replies

LEARN ABOUT DEBIAN

spikeproxy

SPIKEPROXY(1)						      General Commands Manual						     SPIKEPROXY(1)

NAME

       spikeproxy - web application auditing tool

SYNOPSIS

       spkproxy [-s SSLproxyhost] [-p port] [-U NTLMUser] [-D NTLMDomain] [-P NTLMPassword] [-l ListenHost] [-c cache_directory]

DESCRIPTION

       This  manual  page documents briefly the spikeproxy command.  This manual page was written for the Debian distribution because the original
       program does not have a manual page.

       SPIKE proXY functions as an HTTP and HTTPS proxy, and allows web developers or web application auditors low level access to the entire  web
       application  interface,	while  also providing a number	of automated tools and techniques for discovering common problems. These automated
       tools include:

       1.Automated SQL Injection Detection

       2.Web Site Crawling (guaranteed not to crawl sites other than the one being tested)

       3.Login form brute forcing

       4.Automated overflow detection

       5.Automated directory traversal detection

       In addition to automated analysis, SPIKE proXy allows the user to penetrate into the internals of the web application by viewing and chang-
       ing  all  variables,  cookies,  headers,  or  other  parts of the request and resubmit them. SPIKE proXy maintains a careful record of each
       request made - saving both each request, and the entire response. The user can later go back and replace any request or view any response.

OPTIONS

       This program can be configured with the options listed below.  The options may be given in any order.

       -c cache directory
	      The directory that will be used to cache all the requests. This directory is created if it does not exist. The default  location	is
	      /var/cache/spikeproxy  but it can only be used by the root user.	-l listenhost The IP address the proxy will listen on (it defaults
	      to 127.0.0.1 so it is not available from external hosts).

       -p port
	      This option sets the port the proxy will listen on (it defaults to 8080 if not provided).

       -h proxyHost
	      Sets a proxy host to use in the proxy chain.  Spike will forward all requests to this proxy.

       -H proxyPort
	      Sets the port for the proxy host.

       -s proxySSLHost
	      Sets a proxy host for SSL connections. Spike will forward all SSL requests to this proxy.

       -S proxySSLPort
	      Sets the port for the SSL proxy host.

       -U NTLM Username
	      Defines the NTLM username it will use when authenticating to the proxy host.

       -P NTLM Password
	      Sets the password it will use when authenticating to the proxy host.

       -D NTLM Domain
	      Sets the NTLM domain it will use when providing credentials to the proxy host.

SEE ALSO

       The program provides inline documentation in the user interface when connected to it through a web client. If you are trying to audit a web
       application you might want to read OWASP Guide to Building Secure Web Applications and Web Services, Application Security Attack Components
       project, Application Security Testing Framework, and the OWASP Web Application Security TopTen available at  http://www.owasp.org  and  the
       World Wide Web Security FAQ available at http://www.w3.org/Security/Faq/

AUTHOR

       This  manual  page  was	written by Javier Fernandez-Sanguino Pen~a <jfs@computer.org>, for the Debian GNU/Linux system (but may be used by
       others).

								 October  2, 2006						     SPIKEPROXY(1)
All times are GMT -4. The time now is 04:44 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy