If you are using Apache to Tomcat try using mod_security module to
accomplish this.
Mod security has setting for hiding the server error output:
http://www.modsecurity.org/documentation/modsecurity-apache/1.9.3/modsecurity-manual.html#N1057D
as well as purposly missrepresenting the Apache (like show IIS instead of
Apache).
http://www.modsecurity.org/documentation/modsecurity-apache/1.9.3/modsecurity-manual.html#N108B5
On 7/24/06, Eric B. <[EMAIL PROTECTED]> wrote:
Thanks for the pointer, but the problem that I see is that Apache is
returning the status code 200 to the browser.
If Apache is generating an "internal server error" as you indicated, it
should be returning a 5xx status, I'd think.
I'd think so too. But I put in ErrorDocument 500 directives, and got
nothing out of it.
In fact, I even went one step further and put in ErrorDocument directives
for error codes 500-510 (just in case I was missing something) and none made
a difference. I tried putting them in the main body of the httpd.conf file
(to ensure I wasn't having problems with VirtualHosts, etc), but still
nothing.
--
Thank you,
Edmon Begoli
http://blogs.ittoolbox.com/eai/software
