You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by "Gao, Frank" <fr...@siemens.com> on 2005/06/10 20:04:40 UTC
Tomcat Web Server "ServerTokenNotSet" Vulnerability
Hi,
I have a Tomcat 5.5.7 standalone webserver running on my machine, recently
I got a security scan warning of "ApacheServerTokenNotSet".
Does anyone know how to configure the Tomcat 5.5.7 to pass this security
scan? I know there is a 'ServerTokens' directive for Apache Web
Server that I can use to limit the information giving out. But I cann't find
anything similar on Tomcat Web Server.
Anyone has any idea about this?
Thanks,
Frank
Re: Tomcat Web Server "ServerTokenNotSet" Vulnerability
Posted by Mark Thomas <ma...@apache.org>.
Try setting the server parameter on the connector. See
http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html
Mark
Gao, Frank wrote:
> Hi,
> I have a Tomcat 5.5.7 standalone webserver running on my machine, recently
> I got a security scan warning of "ApacheServerTokenNotSet".
>
> Does anyone know how to configure the Tomcat 5.5.7 to pass this security
> scan? I know there is a 'ServerTokens' directive for Apache Web
> Server that I can use to limit the information giving out. But I cann't find
> anything similar on Tomcat Web Server.
>
> Anyone has any idea about this?
>
> Thanks,
>
> Frank
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org