Stop displaying version info

Google

Mailing List

Home

Forum Home

JBoss - Java Application Server

Struts - A MVC web framework

Tomcat - JSP/Servlet container

iText - An open source PDF Java Library

JDOM - JDOM XML Parser

J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition

J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog

Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology

JSP - A mailing list about Java Server Pages specification and reference

Struts & Hibernate

Subjects

•	JSP editor plugin for eclipse ?
•	org apache jasper JasperException: Unable to compile class for JSP
•	Tomcat: Connection reset by peer: socket write error
•	Cannot retrieve definition for form bean null
•	Struts Tiles Tutorial (free Struts training)
•	Where do I download Tomcat 4 0 6?
•	Data Access Object (DAO) pattern, example DAO 's
•	Where to download Tomcat v 4 1 24 from?
•	Tomcat 5 0 16 Requested resource not available
•	Oracle Connection Pooling in 3 2 2
•	Servlet : Session invalidate
•	Servlet action is currently unavailable
•	Tomcat/Struts Unicode Encoding/Decoding problems
•	Tomcat and webapplication specific java library path
•	Running a Simple JMS Example
•	Mapping in workers2 properties
•	org apache jasper JasperException
•	Cannot find message resources under key org apache struts action MESSAGE
•	problem with html:text bean throwing exception
•	Cannot find message resources under key org apache struts action MESSAGE
•	invalid direct reference problem with solution
•	Tool for jsp debug Try Sysdeo Eclipse Plugin
•	Tomcat 5 Cannot load JDBC driver class 'null ' SQL state: null
•	weblogic ejbc
•	java properties file
•	Jboss 3 2 3 Coyote Can 't re
•	Tomcat 5, Apache2 and mod jk2 integration problem
•	JBoss example problem new to J2EE
•	url string for connecting jboss to oracle
•	Value attribute of <html:checkbox
•	javax servlet ServletException: BeanUtils populate
•	HTTP Status 404 The requested resource is not available
•	5 0 18: Windows XP Pro vs Windows 2000

Stop displaying version info

Stop displaying version info

2004-01-22 - By Donie Kelly

Back

Reply: 1 2 3 4 5

First thing you can do is put in a custom 404 error page. See the archives
or check the docs. It's easy to do.

Second you can override the server header normally sent by tomcat by adding
this line BEFORE any servlet output has been done.

Hope that helps.
Donie

public void doGet (HttpServletRequest req, HttpServletResponse res)
throws ServletException, IOException
{
try
{
// Override the Server header
res.setHeader("Server", "My Custom header that give no
tomcat version info");

// Your servlet code goes here....

}
catch (Exception ex)
{
res.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
}
}

-- --Original Message-- --
From: Allan Bruce [mailto:allanmb@(protected)]
Sent: 22 January 2004 12:00
To: tomcat-user@(protected)
Subject: Stop displaying version info

Is there a way I can get tomcat to stop displaying so much info if somebody
hits a 404 or other error? Its a good clue for hackers to start if they know
what version of a popular software I am running. I have it so that apache
displays no info, now just to get tomcat to do the same.
Thanks
Allan

-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)

-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)