How to troubleshoot tomcat downtime

Tomcat startup exception, what is the reason?

1, first from the tomcat official site下载tomcat, download must pay attention to tomcat installer package version information; which zip format for window compressed version, tar.gz for linux installation version, the installer’s for window installation version, as shown in

The reason why Tomcat starts up abnormally? installer for window installation version, as shown

2, the following first decompression of the function and role of the folder; bin used to place the startup and shutdown of the script file; conf placed in a variety of configuration files; lib support for jar packages; log to store the log file; temp to store temporary files; webappweb application is located in the folder; worktomcat working directory; the following figure; open tomcat can be clicked in the bin.

3, problem 1: click, the window flashes back, can not see the error in time, you can see whether the configuration of the JAVA_HOME environment variable; steps are as follows: computer right-click – & gt; Properties – & gt; Advanced System Settings – & gt; Advanced Environment Variables – & gt; System Variables to see whether the JAVA_HOME, if not then you need to configure; path for the JDK installation path; such as C:\ProgramFiles\Java\jdk1.6.0_21 (premise is that you need to install the JDK, such as if not installed, you need to install the JDK first).

4, Problem 2: port occupied; tomcat startup default port 8080; perhaps many people will ask how long the window did not stay, how to see ah; here I have spoken, the folder has a logs folder, used to store the log files, in the log files can be viewed in the cause of the error (the following chart); can be seen The reason for the error is because port 8080 is occupied; there are two ways to solve the problem, one of which will be released on port 8080; the other change to a port that is not occupied;

5, release the port: you can download software to query the port, such as TCPView or something like that; I am still using the system’s own tools; Start menu – &gt run –> enter cmd –> console enter netstat-ano can view the 8080 port which PID software occupied; and then ctrl + shift + Esc key combination to bring up the task manager –> process to find the PID and end it; run again, success!

6, change the port: tomcat folder, configuration folder conf–>server.xml–> modify the Connectorport=”80″, the advantage of using 80 is that when you enter the uri again, do not need to enter the port number 80, directly http:// localhost/** can be; here, port 80 may also be occupied by IIS, can be right-clicked through my computer – > Management – > Services and Applications – > internet information services management – > Services – > select the iis service and stop;

7, there is a kind of error is the catalina_home error; this happens when the user uses more than one tomcat installation package; such as in the c disk has a tomcat unpacked package, catalina_home set to the c disk under the path of tomcat; in the d disk has also unpacked a tomcat unpacked package, and then the d disk webapp folder to add a web application, a run 404; (the following chart) and then copy this application to the c disk under the webapp, run normally


Tomcat server is a free and open-source Web application server, is the Apache Software Foundation (ApacheSoftware), the Apache Software Foundation (ApacheSoftware). Foundation (ApacheSoftware Foundation) of the Jakarta project in a core project by Apache, Sun and a number of other companies and individuals to develop and become. As a result of Sun’s participation and support , the latest Servlet and JSP specifications can always be reflected in Tomcat, Tomcat5 support for the latest Servlet2.4 and JSP2.0 specifications. Because Tomcat technology is advanced , stable performance , and free , and therefore loved by Java enthusiasts and recognized by some software developers , to become the more popular Web application server . Currently the latest version is 8.0.

Basic Introduction

Tomcat server is a free open source Web application server , belonging to the lightweight application server , in the small and medium-sized systems and concurrent access to the user is not a lot of occasions are commonly used , is the first choice for the development and debugging of JSP programs . For a beginner , you can think of it this way , when configured on a machine Apache server , you can use it to respond to requests for access to HTML pages . In fact, Tomcat is partly an extension of the Apache server, but it runs independently, so when you run tomcat, it actually runs as a separate process from Apache.

The trick is that when configured correctly, Apache serves HTML pages, while Tomcat actually runs JSP pages and Servlets. in addition, Tomcat has the same capabilities as IIS, Apache, and other web servers for processing HTML pages, plus it’s a Servlet and JSP container, and the standalone Servlet container is the default mode of Tomcat. However, Tomcat’s ability to handle static HTML is not as good as the Apache server. The latest version of Tomcat is 8.0.0-RC1(alpha)Released.

Tomcat is very popular among programmers because it takes up little system resources when running, scales well, and supports load-balancing and mail services and other features commonly used in the development of applications; and it is still constantly being improved and perfected, and any interested Any interested programmer can change it or add new features to it.

TomcatTomcat4.0x in the use of the new Servlet container: Catalina, the complete implementation of Servlet2.3 and Jsp1.2 specification. Tomcat provides a variety of platforms for download, you can download from its official website on the source code version or binary version. Due to the cross-platform nature of Java , Java-based Tomcat also has cross-platform . Unlike traditional desktop applications, an application in Tomcat is a WAR (WebArchive) file, a Web application format proposed by Sun that, like JAR, is a compressed package of many files.

The files in this package are organized in a certain directory structure: usually the root directory contains Html and Jsp files or a directory containing both, and there is also a WEB-INF directory, which is very important. Usually in the WEB-INF directory there is a web.xml file and a classes directory, web.xml is the configuration file for the application, while the classes directory contains the compiled Servlet class and Jsp or Servlet depends on other classes (such as JavaBean). Usually these dependent classes can also be packaged into a JAR into the WEB-INF under the lib directory, of course, can also be placed in the system CLASSPATH, but that porting and management is not convenient.

tomcat startup process suddenly stopped no error log output

Problem phenomenon: deployed in the agriculture network mock system startup process catalina.out log startup process log printing suddenly paused, no error report, tomcat process stopped

Problem location: tomcat under the logs log have seen, no any abnormal log output, the same project under all applications on the same machine, suspect that may be caused by insufficient resources, but other applications can be started normally, no such problem. There is no abnormal log output, the same project under all applications on the same machine, suspect that there may not be enough resources to cause the problem, but other applications can be started normally, no such problem, after comparing the mock system found in is not configured in the JAVA_OPTS = “-Xms1024m-Xmx1024m-Xss1024K”, while the other projects have, plus after re-examining the system, I found that the JAVA_OPTS = “-Xms1024m-Xmx1024m-Xss1024K”. Other projects have it, add it and reboot, the problem no longer recurs.

Question: If there is not enough memory during the startup process, it should be reported as a memory overflow, but there is no such thing, so please ask the Ops to provide a way to view the system logs and locate the problem.

Problem analysis: then remove the heap memory configuration and other information to reproduce the problem, observe the system log

journalctl-xe >>1.log

Found that there are processes were killed off.

In order to understand this error, let’s review the basics related to operating systems.

We know that operating systems are built on processes. Processes are scheduled and maintained by kerneljobs, one of which is called “Outofmemorykiller” and is related to the OutOfMemoryError described in this section.

The Outofmemorykiller kills certain processes when available memory is extremely low. It is activated when a trigger condition is met, selects a process and kills it. Usually a heuristicsscoring algorithm is used to calculate a score for all processes, and the process with the lowest score will be killed. Therefore Outofmemory:Killprocessorsacrificechild and the previous OutOfMemoryError are different, because it is neither triggered by the JVM, nor by the JVM agent, but the system kernel built-in a security measure.

By default, Linux kernels allow processes to request more memory than the system has available. This is because, in most cases, many processes request a lot of memory but don’t actually use that much. As a simple analogy, a broadband rental provider may have a total bandwidth of only 10Gbps, but sell well over 100 copies of 100Mbps bandwidth. The reason is that most of the time there is a staggering of broadband users, and it is not possible for every user to utilize the full amount of bandwidth that the provider has committed to.

In this case, there may be a problem if some program takes up a large amount of system memory, then the amount of memory available will be very small, resulting in no memory pages to allocate to the process that needs it. This may be so extreme that the root user will not be able to kill the rogue process via kill. To prevent this, the system will automatically activate killer to find the rogue process and kill it.

Summary, tomcat startup is not configured heap memory, tomcat will be unlimited application of memory, application to a certain capacity, triggered the killer process, the killer process according to the algorithm to remove the current tomcat process.

Tomcat server WebShell problem troubleshooting

1, AliCloud prompted in the x.x.x.x server found Trojan horse file, was implanted in the webshell.

2, the Trojan horse file path: /web/tomcat-xxx/webapps/no3/cc.jsp.

1, before confirming the function of cc.jsp file, delete the no3 folder and no3.war file under the webapps folder, and at the same time, backup the no3.war file to the /home/xxx directory.

2. At the same time, send the cc.jsp file under the no3 folder to be analyzed locally, and confirm that it is a Trojan horse backdoor file for jsp, which can get the permission of the remote server.

1, the attacker uploaded a no3.war file under the webapps folder and created a no3 folder containing the cc.jsp Trojan horse file, the first thing you should do is to find the way and path of the upload. Check out the website and find that the website is using a Tomcat container.

2. Further thoughts are to troubleshoot the vulnerability of Tomcat itself, check Tomcat’s configuration file tomcat-users.xml, and found that ManagerAPP administrator weak password.

3. The possible attack idea is to upload a Trojan horse file in WAR format through the Tomcat weak password vulnerability.

1. Login to http://x.x.x.x/的ManagerApp功能 through admin/admin weak password.

2, and then find the WARfiletodepoly function, upload a Trojan horse contains the TomcatWAR package. WAR package is similar to a Web site compressed package file, you can construct their own Trojan horse in the WAR package, and then passed to the server.

3, here test uploaded a goodwin.war file (war contains a Trojan horse file cc.jsp), uploaded after the success of the server’s web site in the root directory will be automatically decompressed to generate a goodwin folder. The Trojan horse file cc.jsp is in the goodwin folder.

4, the chopper God, add and connect just uploaded the Trojan horse file address, password 023.

5, and then open the file management function, found that we have gained access to the server permissions, and access to all the files on the server.

6. This reproduces the process of the attacker uploading a no3.war file and automatically decompressing it to generate a no3 folder containing the cc.jsp Trojan horse, and then obtaining the server’s webshell through a remote connection to get the server’s permissions.

1. After determining that the suspicious file is a Trojan backdoor, delete the no3.war backed up on the server.

2. Delete the goodwin.war file uploaded by the testing process and all the files under the goodwin folder.

3. Change the Tomcat administrator password.

1, investigate and delete the suspicious user cat/etc/passwd on the server.

2, change the Tomcat password from time to time, and change it to a strong password that contains uppercase letters, lowercase letters, numbers, and special characters.

3, upgrade the version of Tomcat, the current version of 7.0.54, there are a number of security holes, it is recommended to upgrade to the latest version 7.0.88.

BS architecture Linux system tomcat running a few weeks after the server down

Generally tomcat does not cause the server to go down, because tomcat is running within jvm.

Also the memory exhaustion was found in the logs somewhere, I don’t know if the process that caused the memory exhaustion was analyzed.

I also had a problem with memory running out that prevented me from connecting to the server, and later found out it was a virus~~.

tomcat running why suddenly jsp file a refresh on the display of 404 errors

Generally, jsp file access to the 404 error is due to file path configuration errors, troubleshooting methods:

1, Tomcat is not normal start, because when modified jump address, sometimes Tomcat is not updated source address, this is the software on the This is a software bug, just rely on redeployment may not be able to solve the problem, you need to delete the project directory under the deployment (webapps within the project and work>Catalina>localhost within the project) of the two project files, redeployment can be.

2, the jump address is wrong, very basic errors, try to see in the browser address bar jump address there is no duplicate address, redundant “/”, and whether the correct use of “.” and “…” .” and “…”. Just change it.

3, the jump page file format has the wrong suffix, Jsp or Html.