Restrict access to Tomcat 8 manager

To prevent access to the tomcat 8 Manager to all IPs except those authorized, it is necessary to configure the file manager.xml of the localhost application.

The file should be found in the following path:


Edit the file and add the “Valve” node inside the “Context” node specifying the IP you are allowed to access (allow attribute), like this:

<?xml version="1.0" encoding="UTF-8"?>

<Context path="/manager" 
	antiResourceLocking="false" privileged="true">

<Valve className="org.apache.catalina.valves.RemoteAddrValve" 


Leave a Comment

Your email address will not be published. Required fields are marked *