Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [jetty-users] jetty keeps getting hacked

What's in conf.n? (details please)
What do you have in your webapp? (be detailed)
How do you start Jetty? (your command line *AND* your start.ini and start.d/ contents)
Do you customize anything in ${jetty.home}? (like lib or xml files)

Do you run elasticsearch on your machine?

Joakim Erdfelt <joakim@xxxxxxxxxxx>
Expert advice, services and support from from the Jetty & CometD experts

On Fri, Aug 1, 2014 at 9:16 AM, Kent Tong <> wrote:

I have set up jetty-8.1.15.v20140411 on CentOS 6.5 with all the updates installed. However, jetty keeps getting hacked: malicious files (usually there is one named conf.n) are frequently created in jetty's directory (/opt/jetty). I have only enabled the minimum configuration in start.ini:


there is only one webapp installed which is nothing out of ordinary.

any idea? thanks in advance!

Kent Tong
IT author and consultant, child education coach

jetty-users mailing list
To change your delivery options, retrieve your password, or unsubscribe from this list, visit

Back to the top