Tomcat version number

From snippet wiki
Jump to navigation Jump to search

To confuse potential hackers or at least their stupid automated scripts, hide the real version number of your tomcat installation:

This attribute within the Connector element in server.xml is for the HTTP response header:

server="Tomcat/9.99"

You might have to add that attribute two times, once for the normel http port 80/8080 and once for the ssl port if enabled.

These lines for the visible parts in the tomcat status pages:

mkdir -p $CATALINA_HOME/lib/org/apache/catalina/util
cd $CATALINA_HOME/lib/org/apache/catalina/util
vi ServerInfo.properties
server.info=Apache Tomcat 9.99