Disabling the AJP protocol Apache Tomcat(R) to prevent the GhostCat vulnerability does not affect TIBCO iProcess(R) products
Article ID: KB0075941
Updated On:
| Products | Versions |
|---|---|
| TIBCO iProcess Engine (Oracle) | All Supported Versions |
| TIBCO iProcess Engine (DB2) | All Supported Versions |
| TIBCO iProcess Workspace (Browser) | All Supported Versions |
Description
Disabling the AJP protocol in Apache Tomcat to prevent the GhostCat vulnerability does not affect the TIBCO iProcess products that may use it, such as:
TIBCO iProcess Workspace (Browser)
TIBCO iProcess Engine
TIBCO iProcess Workspace (Browser)
TIBCO iProcess Engine
- Server Manager
- Administration Console
Issue/Introduction
Disabling the AJP protocol Apache Tomcat(R) to prevent the GhostCat vulnerability does not affect TIBCO iProcess(R) products
Environment
All Supported Operating Systems
Resolution
To disable the AJP protocol in Apache Tomcat:
1. Edit the file server.xml
2. Search for the section,
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
3. Comment out the AJP protocol configuration,
from:
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
to:
<!--
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
-->
4. Save the server.xml file
5. Restart Apache Tomcat
1. Edit the file server.xml
2. Search for the section,
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
3. Comment out the AJP protocol configuration,
from:
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
to:
<!--
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443"/>
-->
4. Save the server.xml file
5. Restart Apache Tomcat
Feedback
Yes
No
Powered by
