Turning off JSP access

Posted on by

To turn off JSP access in your JBoss or other favorite application server add this to your web.xml.



  
    you_cant_touch_this
    *.jsp

To prevent Apache from sending JSP requests to JBoss add the following to your configuration.

## DISALLOW FROM REACHING JBOSS (security-related filter):
!/*.jsp=name_of_your_app
!/*.xml=name_of_your_app


Related posts:

  1. mod_rewrite to bypass security
  2. Recurring Illegal Access Errors in JBoss when running ATG
  3. Trim White Space from JSP
  4. Size of collection in a JSP/DSP page
  5. How to Log SQL on JBoss

Leave a Reply

Your email address will not be published. Required fields are marked *