What the server parameter value should be in order to pass the security scan? -----Original Message----- From: Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Friday, June 10, 2005 2:14 PM To: Tomcat Users List Subject: Re: Tomcat Web Server "ServerTokenNotSet" Vulnerability
Try setting the server parameter on the connector. See http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/http.html Mark Gao, Frank wrote: > Hi, > I have a Tomcat 5.5.7 standalone webserver running on my machine, recently > I got a security scan warning of "ApacheServerTokenNotSet". > > Does anyone know how to configure the Tomcat 5.5.7 to pass this security > scan? I know there is a 'ServerTokens' directive for Apache Web > Server that I can use to limit the information giving out. But I cann't find > anything similar on Tomcat Web Server. > > Anyone has any idea about this? > > Thanks, > > Frank > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
