Skip to main content

Tomcat Check For Allowed Referrer

For additional protection, we recommend enabling Tomcat to check for allowed referrer:

  1. Edit $MM_HOME/tomcat/conf/web.xml
    • Uncomment the two filter sections in the 'Checks referrer is allowed' section. The variable ${server.fqdn} will be substituted with the value of M_SERVER_FQDN in tomcat.properties
    • Changing the M_SERVER_FQDN variable from localhost to &ltmyMMServer.myDomain>
  2. Edit $MM_HOME/tomcat/conf/tomcat.properties by:

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – let us know how we can improve!