5.3
Table Of Contents
- vFabric Web Server Installation and Configuration
- Table of Contents
- 1. About vFabric Web Server Installation and Configuration
- 2. Overview of vFabric Web Server
- 3. Installing vFabric Web Server
- Installation Note for vFabric Suite Customers
- Available Distribution Packages
- RHEL: Install vFabric Web Server from an RPM
- Unix: Install vFabric Web Server from a Self-Extracting ZIP
- Windows: Install vFabric Web Server from a ZIP File
- Activate a vFabric Web Server Local License
- Description of the vFabric Web Server Installation
- 4. Upgrading vFabric Web Server
- 5. Migrating Enterprise Ready Server to vFabric Web Server
- 6. Creating and Using vFabric Web Server Instances
- 7. Configuring vFabric Web Server Instances
- Using Sample Configuration Files to Enable Features and Modify Configuration
- Configure Load Balancing Between Two or More tc Runtime Instances
- Configure SSL Between vFabric Web Server and vFabric tc Server
- Configure tc Runtime Instances to Use SSL
- Configure the vFabric Web Server Instance to Use SSL
- Restrict Communication With tc Runtime Instances to Known Clients
- Update the Web Server Configuration for HTTPS Connections to tc Runtime Instances
- Configure vFabric Web Server to Authenticate Itself Using a Specific Client Certificate
- Configure BMX for Monitoring vFabric Web Server Instances
- Metrics
- 8. Security Information
- 9. Managing Planned and Unplanned Outages
- 10. Additional Documentation
Security Information 47
VMware vFabric Suite 5.3 47
8. Security Information
VMware is committed to providing products and solutions that allow you to assess the security of your information, secure your
information infrastructure, protect your sensitive information, and manage security information and events to assure effectiveness
and regulatory compliance. As part of this commitment, the following vFabric Web Server-specific security information is
provided to help you secure your environment:
• External Ports
• Resources That Must Be Protected
• Log File Locations
• User Accounts Created at Installation
• Obtaining and Installing Latest Version of Product
External Interfaces, Ports, and Services
A vFabric Web Server instance uses TCP/IP ports to receive incoming requests and send outgoing responses. Different protocols
(such as HTTP or HTTPS) listen on different ports. You can change these port numbers when you create the Web Server instance
using the newserver script, but these are the default values:
• HTTP: 80
• HTTPS: 443
If you have already created the Web Server instance, you can change its HTTP listen port by updating the Listen 90 http
directive in the INSTANCE-DIR/conf/httpd.conf file, where INSTANCE-DIR refers to the directory in which the Web
Server instance is located, such as /opt/vmware/vfabric-web-server/myserver. To update the HTTPS port, update
the Listen 443 https directive in the INSTANCE-DIR/conf/extra/httpd-ssl.conf file.
vFabric Web Server does not have any external interfaces or services that need to be enabled or opened.
Resources That Must Be Protected
The following vFabric Web Server configuration files should be readable and writable only by the root (Unix) or
Administrator (Windows) user:
• conf/httpd.conf
• conf/userfile
• All files in the ssl directory (if you have enabled SSL for the instance)
• extra/conf/httpd-ssl.conf (if you have enabled SSL for the instance)
• Any other conf/httpd-XX.conf file that you have for which there is an uncommented Include in the main conf/
httpd.conf configuration file.
These configuration files are specific to a Web Server instance and are stored in the INSTANCE-DIR directory, where
INSTANCE-DIR refers to the directory in which the Web Server instance is located, such as /opt/vmware/vfabric-web-
server/myserver.
Log File Locations
The most important log files for a vFabric Web Server instance are as follows:
• error_log: Contains errors and diagnostic information that occurred while the Web Server instance was serving requests.