10.1 Ensure Web content directory is on a separate partition from the Tomcat system files - verify Web content directory

Warning! Audit Deprecated

This audit has been deprecated and will be removed in a future update.

View Next Audit Version


Store web content on a separate partition from Tomcat system files.


The web document directory is where the files which are served to the end user reside. In the past, directory traversal exploits have allowed malicious users to wreak havoc on a web server including executing code, uploading files, and reading sensitive data. Even if you do not have any directory traversal exploits in your server or code at this time, that doesn't mean they won't be introduced in the future. Moving your web document directory onto a different partition will prevent these kinds of attacks from doing more damage to other parts of the file system.


Move the web content files to a separate partition from the tomcat system files and update your configuration.

Default Value:

Not Applicable

See Also