How to prevent .war from being downloaded?

I am new to Java programming and have a web app on my server. I upload it to my public_html folder and it is then automatically deployed.  It works fine that way, except nothing is preventing someone from downloading the .war directly from public_html.  How would I prevent this from happening?

The project is running on tomcat.
jwarpAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

CEHJCommented:
Make the perms on the war file to be readable by the tomcat user only
0
colr__Commented:
You must be deploying this a strange way - the war should be placed in the webapps folder in tomcat,which then automatically deploys and expands the webapp contents into a folder, which becomes the context. Tomcat does not allow the war file to be downloaded when this deployment occurs, as the war file is not *inseide* the context folder.
0
Mick BarryJava DeveloperCommented:
don't deploy it to public_html, thats for html and other publicly accessible resources.
instead setup tomcats webapp directory somewhere that is not accessible (and let tomcat handle serving the files from there)
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
10 Tips to Protect Your Business from Ransomware

Did you know that ransomware is the most widespread, destructive malware in the world today? It accounts for 39% of all security breaches, with ransomware gangsters projected to make $11.5B in profits from online extortion by 2019.

Mick BarryJava DeveloperCommented:
If your war can be downloaded then there is a problem with your setup, by the sound of it you are deploying it in a directory being servered by apache. You do not want to do that, nor do you need to. And things like changing the permissions is not going to help.

Simply moving the location of your webapps directory will fix the problem.
0
jwarpAuthor Commented:
got it working... thanks!
0
Mick BarryJava DeveloperCommented:
(:
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Java

From novice to tech pro — start learning today.