Showing posts with label infosec. Show all posts
Showing posts with label infosec. Show all posts

Sunday 8 March 2020

Tomcat Set Custom Common Error Page

Hi Fellas,

Today I'm sharing my learning to how to set custom common Error Page in Apache Tomcat.
Question: Why it is required ?
Answer: Minimal Answer ->Infosec Team.
Elaborate Anser -> When we do not set these pages, the default Error Page gives sensitive data like Server Version.
Steps do to it.
1. Remove all of the content of webapps other than your application.war/ear files.
2. Set the custom page.

Step 1.
Take a backup of all of the content of webapps.
BackUp of webapps
to keep in same directory

Doing this step will stop exposing the default applications.
Step 2.

This Step consists of two parts

Step A.
Open conf folder under tomcat root directory, and edit web.xml
Add these XML tags before the closing of <web-app>
i.e. in between
<web-app></web-app>

  <error-page>
        <error-code>404</error-code>
         <location>/error.jsp</location>
</error-page>
<error-page>
        <error-code>403</error-code>
         <location>/error.jsp</location>
</error-page>
<error-page>
         <error-code>500</error-code>
         <location>/error.jsp</location>
</error-page>


Step B.
Create a folder ROOT under webapps.
and create a error.jsp and restart the server.

Error Page Example.





Thank You :)

A Guide to Installing Oracle HR Schema on an Existing Docker Container

  Hi Reader, Today I want to share my learning on how to install Oracle HR schema on a existing docker container. Step 1: Download the verif...