You have created a Web application using a JBoss application server and you are going to put it in production. Great!
But deploying your application with JBoss serving the Web requests directly may not be the optimal solution. First because the Tomcat web server embedded within JBoss is not the best server to serve static files and second because configuring Tomcat and JBoss for best performance and security is in general a complex and tedious task.
Instead, it is a good practice to use an Apache server (2.0 or 2.2) in front of your JBoss/Tomcat. This Apache server can serve static files, take care of your SSL security and manage for you all the details of HTTP headers (Expires and other headers) and more….
In a production environment, you should not put your JBoss application as a Web front-end. Instead, you should use an Apache server and configure it to redirect specific Web application requests to your J2EE server. There are many many advantages in doing this:
The Apache server can serve static files (CSS, images, javascript files) faster than JBoss/Tomcat.
When you need it, you can activate SSL on Apache without having to change your application.
The Apache SSL implementation is faster compared to the Tomcat implementation (and a lot easier to configure!).
You can have a better control of HTTP headers. No need to develop any servlet filter for that.
You can get compression out of the box. No need to develop another servlet filter either (no need to configure Tomcat connector either!).
I assume here that the Apache server is already installed with the following modules and these modules are enabled.
Read more