Added following to the Server.xml, still showing in the latest scan.
From: John Palmer [mailto:johnpalm...@gmail.com]
Sent: Friday, December 14, 2018 6:26 PM
To: Tomcat Users List
Subject: [EXTERNAL] Re: tomcat Finding!
WARNING:This is an external email that originated outside of our email system.
DO NOT CLICK links or open attachments unless you recognize the sender and know
that the content is safe!
I found this to be easier to accomplish (and maintain):
add to the Host section of server.xml:
(this will disable the tomcat version number and the stacktrace - the
defaults for these are "true")
On Fri, Dec 14, 2018 at 10:18 AM wrote:
> Good Morning,
> I'm encountering following scan finding errors and couldn't find way to
> mitigate this.
> Tomcat 8.5.32
> Apache Tomcat Default Files
> The following default files were found
> Delete the default index page and remove the example JSP and servlets.
> Follow the Tomcat or OWASP instructions to replace or modify the default
> error page.
> Thank you,
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org