What if the version of Tomcat 4 server is leaked???

Alibaba cloud Q & A 2022-02-13 09:02:34 阅读数:65

version tomcat server leaked

The company's project was scanned by the security company “HTTP Header information disclosure ”, How to modify ? Problem description In the... Returned by the server HTTP If there are server related component versions and other information in the header, it will play a certain role in the attacker's further intrusion

testing procedure HTTP Check whether the middleware detailed version information is returned in the response message header . image.png

Safety suggestion Hide or modify banner Information .

I changed it and there was no response image.png




Take the answer 1:

Hello! , modify server The field is different or empty . See the configuration document :

http://tomcat.apache.org/tomcat-4.1-doc/config/coyote.html

If it can't be changed or doesn't take effect , You can also use the front proxy layer nginx, Delete this header.


copyright:author[Alibaba cloud Q & A],Please bring the original link to reprint, thank you. https://en.javamana.com/2022/02/202202130902321905.html