
How to secure an EC2 instance (Windows Server 2016) after opening port 8080


I have very little experience working with AWS. I read through all the questions on Stack Overflow but couldn't find the answer, hence I am asking this question.

I have set up an EC2 instance (Windows Server 2016). While setting up the instance, at Configure Security Group, the settings that I used are as follows:

(screenshot of the security group settings)

For RDP I think I should put my IP, so that only I can access the Windows Server from my IP. Kindly correct me if I am wrong.

In my Windows Server 2016, I have installed Tomcat, which runs on port 8080, and in the firewall settings I have created an inbound rule for port 8080 as well. Therefore, as shown in the above screenshot, I have kept port 8080 open for all. Is this correct? I am not sure what I should put as Source for port 8080.

Finally, when things are set up correctly, I am able to access my Tomcat homepage from Windows Server 2016 (localhost:8080) and also from an external machine, i.e. (EC2 public IP:8080).

The crux of the problem is when I leave these settings as is, somehow my Windows Server 2016 gets infected by Viruses and Trojans. I have to run Windows Defender to get rid of them but despite that every 2-3 days I still see viruses on my Windows Server 2016.

How can I secure my EC2 Instance Windows Server 2016 so that it does not get infected by viruses? Any help is much appreciated.


Solution

  • It appears that you want the Tomcat server to be accessible from many devices on the Internet. Therefore, your configuration is correct since it is opening port 8080 to anyone on the Internet.

    It is unlikely that opening this port causes your instance to be "infected by Viruses and Trojans", since it is only your application that is being exposed. You'd need some very bad Tomcat configurations to expose your system to viruses.

    If you do think that opening the port exposes you to such threats, you should examine your Tomcat logs to see what types of requests are coming in that might be impacting your application in unexpected ways.
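
One way to carry out the log review suggested above, as an added example that is not part of the original answer: a small Python triage of Tomcat access-log lines (by default `logs/localhost_access_log.*.txt`) that counts, per client, requests to the bundled `/manager` and `/host-manager` apps, failed and successful access to them, unexpected HTTP methods, and malformed request lines. It assumes the valve's default `common` pattern; the function name `triage`, the method allow-list and the sample lines are constructed for illustration.

```python
import re
from collections import Counter

# Tomcat AccessLogValve "common" pattern: %h %l %u %t "%r" %s %b
LINE = re.compile(
    r'^(?P<host>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\S+)$'
)
ADMIN_PREFIXES = ("/manager", "/host-manager")  # Tomcat's bundled admin webapps
EXPECTED_METHODS = {"GET", "HEAD", "POST", "OPTIONS"}  # assumption: tune per app

def triage(lines):
    """Return per-client counters of requests that deserve a closer look."""
    report = {k: Counter() for k in
              ("admin", "auth_fail", "admin_ok", "odd_method", "malformed")}
    for line in lines:
        m = LINE.match(line.strip())
        if not m:
            continue  # not an access-log line in the common pattern
        host, status = m["host"], int(m["status"])
        parts = m["request"].split(" ")
        if len(parts) != 3:
            report["malformed"][host] += 1  # not "METHOD URI PROTOCOL"
            continue
        method, uri, _proto = parts
        path = uri.split("?", 1)[0].lower()
        if path.startswith(ADMIN_PREFIXES):
            report["admin"][host] += 1
            if status in (401, 403):
                report["auth_fail"][host] += 1
            elif status < 400:
                report["admin_ok"][host] += 1  # admin app was actually reached
        if method not in EXPECTED_METHODS:
            report["odd_method"][host] += 1
    return report

# Constructed sample lines (documentation IP ranges), not from a real server.
SAMPLE = [
    '203.0.113.7 - - [12/Mar/2019:10:01:02 +0000] "GET / HTTP/1.1" 200 11250',
    '198.51.100.23 - - [12/Mar/2019:10:02:10 +0000] "GET /manager/html HTTP/1.1" 401 2473',
    '198.51.100.23 - - [12/Mar/2019:10:02:11 +0000] "GET /manager/html HTTP/1.1" 401 2473',
    '198.51.100.23 - admin [12/Mar/2019:10:02:12 +0000] "GET /manager/html HTTP/1.1" 200 15420',
    '192.0.2.50 - - [12/Mar/2019:10:05:00 +0000] "PUT /upload.txt HTTP/1.1" 405 -',
    '192.0.2.50 - - [12/Mar/2019:10:05:03 +0000] "-" 400 -',
]

if __name__ == "__main__":
    for category, counts in triage(SAMPLE).items():
        for host, n in counts.most_common():
            print(f"{category:10} {host:15} {n}")
```

Any non-zero `admin_ok` count from an address you do not recognise means the admin webapp was reachable from the Internet and answered, which is the kind of Tomcat configuration problem the answer refers to.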