Tomcat web application is slow when using SSL

We have a JavaEE application at my workplace which runs on Tomcat 9. The application works fine on the server itself. But when a client tries to open the application from their PC, the application is extremely slow and some components do not load properly.

When we disable HTTPS and use normal HTTP, the app works fine for everyone.

Here is the SSL setting for tomcat:


What could be the problem?

service – ubuntu 18.04: clamav running, tomcat dying

Ubuntu 18.04. 2 GB RAM + 512 MB swap.

When running clamav, it consumes more than 800MB of memory as it loads all the signatures into memory. For this reason, I have configured it to operate everyday at 3 am instead of continuing.

Until now, tomcat and clamav got along very well. At 3 am yesterday evening, the tomcat service was closed when clamav started operating.

(4643256.375812) OOM killed process 8145 (clamscan) total-vm:1149268kB, anon-rss:969476kB, file-rss:4kB
(7667218.452649) OOM killed process 8865 (java) total-vm:4568248kB, anon-rss:1067312kB, file-rss:0kB

Mar 26 03:00:31 user systemd(1): tomcat.service: Main process exited, code=killed, status=9/KILL
Mar 26 03:00:31 user systemd(1): tomcat.service: Failed with result 'signal'.
Mar 26 03:17:08 user systemd(1): Reloading The Apache HTTP Server.
Mar 26 03:17:08 user systemd(1): Reloaded The Apache HTTP Server.

I know the upgrade is an immediate answer, but until then, my questions are:

  1. Is there a way to run clamav without consuming 800 + mb?

  2. Is there a way to automatically restart Tomcat if something like this happens again?

  3. Did Java really take 4,568,248 KB = 4.5 GB or is something missing?

Tomcat running on port 8080 but fails to forward to port 8443 HTTPS. Port 8443 works but cannot access the web

I have deployed webapps with apache-tomcat-8.5.37. It had SSL and was working fine but when I tried to renew the SSL and installed the JKS file, it started to show different problems. I have resolved various cases but I could not resolve the port forwarding problem. The port is listed in "netstat" but does not work on the web where my Grails app is running.

I have attached my journals here

And here is my server.xml configuration file.

java – How to pass VM arguments to execute when the tomcat server starts?

In our project, in ide, we provide few vm arguments in ecipse runtime configurations. But when we deploy the app, we try to provide these arguments. But I don't know how to provide via tomcat to run when the server starts. Can someone help us here. Thanks in advance.

apache – How to install and configure Tomcat for eclipse IDE on macOS?

Yes, I know there are various similar issues.

eclipse how to configure tomcat which is installed from the package manager?

but finding no solution to the problem I am facing.
What I am trying to do:

  • Install Eclipse on macOS
  • Install Tomcat 8 / 8.5 on the same machine
  • Configure Tomcat to test the servlet developed in eclipse

What I have done so far:
1. Eclipse installed
2. Tomcat installed using brew install tomcat@8 :nothing else done
3. I tried to add a server in Eclipse with a path: /usr/local/Cellar/tomcat@8

tomcat7 – AJP connector tomcat 7.0.100 with mod_jk on another host

I just switched to tomcat7 (7.0.100) after I can't
reconfigure it to behavior prior to 7.0.100 where the AJP connector listens
on the public IP address in order to use it with mod_jk. Can anyone
help me get it working again? My server.xml is:

    
    
            
            
            
            
            
                    
            
            
                    
                    
                    
                            
                                    
                            
                            
                                    
                            
                    
            
    

The problem seems to be that even when I add the address property to the above
AJP connector, it does not listen on its internal IP address so it cannot be
reached from mod_jk which is running on another host:

    (tomcat-06) (/etc/tomcat7) lsof -P -i -n | grep -i tomcat
    java      29094 tomcat7   16u  IPv6 4315605      0t0  TCP *:46937 (LISTEN)
    java      29094 tomcat7   17u  IPv6 4315606      0t0  TCP *:3000 (LISTEN)
    java      29094 tomcat7   19u  IPv6 4316198      0t0  TCP *:42795 (LISTEN)
    java      29094 tomcat7   56u  IPv6 4278035      0t0  TCP *:8080 (LISTEN)
    java      29094 tomcat7   57u  IPv6 4278036      0t0  TCP 127.0.0.1:8009 (LISTEN)
    java      29094 tomcat7  238u  IPv6 4316200      0t0  TCP 127.0.0.1:8005 (LISTEN)

vulnerabilities in Apache Tomcat

It appears that all the Tomcat 6.x, 7.x, 8.x and 9.x branches are vulnerable. Patches have been published for 7.x 8.x and 9.x but not 6.x which is EOL …. | Read the rest of https://www.webhostingtalk.com/showthread.php?t=1799401&goto=newpost

crawlers – Apache Tomcat http dies, stops receiving requests

I was dealing with an aggressive robot / robot last week.
The bot is distributed with random ips and a chain of agents, so hard to block, but I have another thread for it. The problem is that a flood of http requests can cause Tomcat to die.

The Tomcat process is still correct and is not running out of memory, it just stops taking http or https requests. It will expire any http request, but will always accept https requests (if http is attacked, sometimes https also dies).

I have already seen an error with "too many open files", so I have changed the file limit from 10,000 to 50,000, which seems to help, at least the death of https, but http dies always. I don't see the "too many open files" recently.

It looks like an extreme amount of open files, why would Tomcat open so many files, could there be a file leak under high load? The server is sometimes OK for 6 months (so there can be no leakage under normal conditions), but it is already dead under high load.

The website is a large site with> 1 million pages (dynamic content) and> 1 million visits per day.

What happens when Tomcat receives a stream of http requests (like> 100 per second for an extended period of time), I assume that the requests will start to be saved. If you are using a thread pool, there will be no more threads, will it continue to aggregate requests until something breaks, or will it start to reject requests?

Is there a way to start rejecting requests after a certain amount of backup? Seems to be the only way to avoid death or accident under extreme load.

My http and https configuration is different, so it may be related to the reason why http dies. https uses maxThreads when http is not, (how many threads is the default?)




Using Tomcat v8.5.47, CentOS 7.6, Oracle Java 1.8

50% discount for Java hosting – JVM, JSP, Java, J2EE, Tomcat, dedicated servlets

JavaProvider.net has been offering economical Java hosting since 2008.
We are a UptimeSafe certified supplier. Contact us through our website or at support at javaprovider.net

The private Java JVM hosting package contains:

  • NEW! API for Java Control Panel
  • Pure SSD hosting
  • Dedicated JVM – no JVM sharing
  • Monthly / weekly backup service
  • Multiple WAR applications and multiple domains
  • Ant and Maven
  • Apache Tomcat any version (other application servers possible)
  • SSH access
  • JDK any version
  • Java control panel to restart Tomcat, change version of Tomcat / JDK, monitor memory usage, etc.
  • Servlets, JSP, JSF, Spring, Hibernate, JSTL, Struts, Grails, EJB 3.0 and more
  • Upgrade the heap size at any time. Example: $ 5 / month for 256 MB. 30% discount for the 512 MB addon
  • Databases: MYSQL 5.7 PostgreSQL 9.6, MongoDB, CouchDB
  • CVS / Subversion (SVN) / GIT / Mercurial repository
  • PHP 7, Python 3, Perl, Ruby
  • Free JavaProvider.net subdomain / alias
  • All the typical features of cPanel

Private tomcat

  • Disk Space (SSD): 10 GB
  • Heap size: 160 MB
  • Metaspace size: 160 MB
  • Traffic: 500 GB
  • Monthly: $ 9.99

Private Tomcat Pro

  • All the features of Private Tomcat
  • Heap size: 320 MB
  • Metaspace size: 320 MB
  • Monthly: $ 19.99
  • Recommended for Grails, Cyclos and other complex frameworks or webapps

We provide a custom Java control panel. You will have the possibility to:

  • Change Tomcat version
  • Start / stop Tomcat
  • Change JDK version and several JVM boot parameters
  • Browse Tomcat logs
  • Go to Tomcat Manager
  • Monitor JVM memory usage
  • Manage JMX / RMI access for remote jconsole, jvisualvm etc.
  • Quickly check JDBC connections to MySQL and PostgreSQL
  • List the use of ports and more
  • All of the above via API

Recurring 50% discount coupon for Tomcat and Tomcat Pro packs ordered in March 2020: WHT50P14 (new customers only)

For those of you who need more memory (320MB +), we offer VPS packages with SolusVM control panel. Each VPS comes with a basic operating system or any set of pre-installed open source software.
Dedicated servers are also available.

The most commonly requested configurations for VPS packages include JDK, database server, SVN and Jira, Jenkins, Magnolia, Liferay, OpenCMS, Confluence, Alfresco, JPublish, Glassfish, Cyclos, Openfire, OpenBravo. WHM / cPanel, Webmin / Virtualmin, DirectAdmin or ISPConfig3 can also be preinstalled. Dedicated servers are also available.

See JavaProvider.net for more information.

linux – the mysql thread and the tomcat thread should be the same for better rendering?

my tomcat instance on the ubuntu server running mysql and only the application has access to mysql (only the tomcat service user). I have a small level of experience with optimization with mysql and tomcat.
For good performance, should the maxthread tomcat value be the same as mysql?

For any help, I am grateful

Sincere friendships

black beard