Web Server HTTP Header Information Disclosure

Document ID : KB000094898
Last Modified Date : 07/05/2018
Show Technical Document Details
Introduction:
It can be observed that Server header in the HTTP response reveals the running version from Server: Apache-Coyote/1.1. After intercepting the response it can be observed that response header is showing information disclosure. Configure the web server such that sensitive response headers are not visible in the response.
Environment:
All SSG versions
Instructions:
Step 1: Connect to the policy manager for your SSG Step
2: Go to Tasks --> Manage Listen Ports Step
3: Click on the port you are connecting over and choose "Properties" and choose the "Advanced" tab.
Step 4: Click the "Add" button in the bottom right, the "Property Name" will be "server" and the value will be whatever you want to return to your customers