JBoss page found under PAM's URL shows server information

Document ID : KB000113271
Last Modified Date : 06/09/2018
Show Technical Document Details
Under Process Automation's URL, 2 addresses are found that show server information, which can be considered as a security breach.
The addresses are the following:


Those addresses show the following:

User-added image
Process Automation 4.3, 4.3.01, 4.3.02 and 4.3.03
This is caused by the default configuration of JBoss application server, which can be changed.
In order to get rid of this page, the following steps can be followed:

1.- Stop PAM services.
2.- Navigate to: ..PAM\server\c2o\deploy\ROOT.war\WEB-INF
3.- Take a backup of "web.xml" file and place that copy outside PAM folder.
4.- Open the original file and comment everything between lines 13 and 22, as follow:

<servlet-name>Status Servlet</servlet-name>
<servlet-name>Status Servlet</servlet-name>

5.- Save the change and start PAM service.

With this change, both addresses will now show the following:

User-added image