Just put this in your web.xml for root webapp or others...
<error-page>
<error-code>404</error-code>
<location>/404error.html</location>
</error-page>
and create 404error.html to say whatever you like.
Ken
Jason Pyeron wrote:
has any one put together a faq/howto on securing tomcat?
our first goal is to prevent determination of the server version by a web
client.
an example of this is for url http://127.1:8080/xxdfsdf this is returned, note the Server:
Apache Coyote/1.0 and Apache Tomcat/4.1.12
HTTP/1.1 404 /xxdfsdf
Content-Type: text/html;charset=ISO-8859-1
Content-Language: en-US
Transfer-Encoding: chunked
Date: Tue, 31 Dec 2002 20:46:09 GMT
Server: Apache Coyote/1.0
<html><head><title>Apache Tomcat/4.1.12 - Error
report</title><STYLE><!--H1{font-family : sans-serif,Arial,Tahoma;color
: white;background-color : #0086b2;} H3{font-family :
sans-serif,Arial,Tahoma;color : white;background-color : #0086b2;}
BODY{font-family : sans-serif,Arial,Tahoma;color : black;background-color
: white;} B{color : white;background-color :
#0086b2;} HR{color : #0086b2;} --></STYLE> </head><body><h1>HTTP Status
404 - /xxdfsdf</h1><HR size="1" noshade><p><b>ty
pe</b> Status report</p><p><b>message</b>
<u>/xxdfsdf</u></p><p><b>description</b> <u>The requested resource
(/xxdfsdf)
is not available.</u></p><HR size="1" noshade><h3>Apache
Tomcat/4.1.12</h3></body></html>
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
