Setting the server header is a tomcat 5.5 feature.
-Tim
LFM wrote:
Tim,
Thanks for the reply, but I can't get in working:
In conf/server.xml I added server="TEST", as shown:
<!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8180 -->
<Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
port="8180" minProcessors="5" maxProcessors="75"
enableLookups="true" acceptCount="10" debug="0"
connectionTimeout="20000" useURIValidationHack="false" server="TEST"/>
Stopped, started Tomcat. nc'ed to localhost, but still got the old
server header.
$ nc localhost 8180
GET / HTTP/1.0
HTTP/1.1 302 Moved Temporarily
Location: http://localhost.localdomain:8180/index.jsp
Content-Length: 0
Date: Thu, 11 Aug 2005 20:15:38 GMT
Server: Apache-Coyote/1.1
Connection: close
What I'm I doing wrong?
Thanks!
Leandro
On Thu, 2005-08-11 at 15:56 -0400, Tim Funk wrote:
The Server header can be configured in the <Connector> declaration.
server='Sun Solaris IIS/6.0'
To limit the HTTP methods this can be done a few ways;
1) Use a servlet filter
2) Use web.xml and security constraints on those method types
3) ???
-Tim
LFM wrote:
Hi!
I'm hardening a Web Server running Tomcat for a client, but I'm having
difficulty in finding information on how to accomplish the following
tasks (bored of googling so I decided to ask here):
1. Remove/modify the banner presented by the coyote connector on the
server header of an http reply.
2. Limit the HTTP methods available. (I wan't to disable trace, put,
delete).
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
