STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Apache Tomcat Application Server 9 Security Technical Implementation Guide

V-222960

CAT III (Low)

Documentation must be removed.

Rule ID

SV-222960r960963_rule

STIG

Apache Tomcat Application Server 9 Security Technical Implementation Guide

Version

V3R4

CCIs

CCI-000381

Discussion

Tomcat provides documentation and other directories in the default installation which do not serve a production use. These files must be deleted.

Check Content

From the Tomcat server OS type the following command:

sudo ls -l $CATALINA_BASE/webapps/docs.

If the docs folder exists or contains any content, this is a finding.

Fix Text

From the Tomcat server OS type the following command:

sudo rm -rf $CATALINA_BASE/webapps/docs