Appian Community
Site
Search
Sign In/Register
Site
Search
User
DISCUSS
LEARN
SUCCESS
SUPPORT
Documentation
AppMarket
More
Cancel
I'm looking for ...
State
Not Answered
Replies
1 reply
Subscribers
7 subscribers
Views
7135 views
Users
0 members are here
Share
More
Cancel
Related Discussions
Home
»
Discussions
»
Administration
I'm trying to configure JBOSS to remove the Server header in the response. B
prestonb
over 10 years ago
I'm trying to configure JBOSS to remove the Server header in the response. By default it shows:
HTTP/1.1 200 OK
Date: Fri, 20 Mar 2015 18:45:36 GMT
Server: Apache-Coyote/1.1
This setting in standalone.xml produces the output shown below:
<property name="org.apache.coyote.http11.Http11Protocol.SERVER" value="blah"/>
HTTP/1.1 200 OK
Date: Fri, 20 Mar 2015 18:45:36 GMT
Server: blah
But I cannot find a setting to make the header disappear entirely. Has anyone else done this?
OriginalPostID-142293
OriginalPostID-142293
Discussion posts and replies are publicly visible
Parents
0
Eduardo Fuentes
Appian Employee
over 10 years ago
You won't be able to remove it, your best option is to customize it with a value of preference since this is a mandatory header as defined RFC
www.w3.org/.../rfc2616-sec14.html
14.38 Server
The Server response-header field contains information about the software used by the origin server to handle the request.
The field can contain multiple product tokens (section 3.8) and comments identifying the server and any significant subproducts. The product tokens are listed in order of their significance for identifying the application.
If the response is being forwarded through a proxy, the proxy application MUST NOT modify the Server response-header. Instead, it SHOULD include a Via field (as described in section 14.45).
Note: Revealing the specific software version of the server might
allow the server machine to become more vulnerable to attacks
against software that is known to contain security holes. Server
implementors are encouraged to make this field a configurable
option.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
Reply
0
Eduardo Fuentes
Appian Employee
over 10 years ago
You won't be able to remove it, your best option is to customize it with a value of preference since this is a mandatory header as defined RFC
www.w3.org/.../rfc2616-sec14.html
14.38 Server
The Server response-header field contains information about the software used by the origin server to handle the request.
The field can contain multiple product tokens (section 3.8) and comments identifying the server and any significant subproducts. The product tokens are listed in order of their significance for identifying the application.
If the response is being forwarded through a proxy, the proxy application MUST NOT modify the Server response-header. Instead, it SHOULD include a Via field (as described in section 14.45).
Note: Revealing the specific software version of the server might
allow the server machine to become more vulnerable to attacks
against software that is known to contain security holes. Server
implementors are encouraged to make this field a configurable
option.
Cancel
Vote Up
0
Vote Down
Sign in to reply
Verify Answer
Cancel
Children
No Data