Server & Application Version Leakage

Document ID : KB000009928
Last Modified Date : 14/02/2018
Show Technical Document Details
Introduction:

We want to stop api potal from revealing Server & Application Version

Environment:
CA API Developer Portal - All
Instructions:

To change "Apache Tomcat/6.0.39" header that can show up

1. As root, run the folowing commands:

mkdir -p /opt/Deployments/lrs/server/lib/org/apache/catalina/util

vi /opt/Deployments/lrs/server/lib/org/apache/catalina/util/Serverinfo.properties

 

2. Enter content like the follwoing two lines:

server.info=Charllie Delta/1.2.3

server.number=1.2.3

 

3. Run these commands:

chown root:portalusers -R /opt/Deployments/lrs/server/lib/org

service apiportal restart

 

Below is the screenshot which is a example of version leakage