Troubleshooting
Problem
In Response Headers, it exposures the version number of the Apache Tomcat Web Server which runs on port 8080 by default. It's better to provide a way to protect the information.
Symptom
Tomcat has allowed to modify the server's attribute "server" to protect the version information.
In WebSphere Application Server Community Edition 1.1, we suggest the good practice to follow the tomcat behavior is below.
In <wasce-home>\var\config\config.xml
<module name="geronimo/tomcat/1.1/car">
<gbean name="TomcatEngine">
<attribute name="initParams">name=Geronimo</attribute>
<reference name="TomcatValveChain"/>
</gbean>
<gbean load="false" name="FirstValve"/>
<gbean load="false" name="SecondValve"/>
<gbean name="TomcatResources"/>
<gbean name="TomcatWebConnector">
<attribute name="host">0.0.0.0</attribute>
<attribute name="port">8080</attribute>
<attribute name="redirectPort">8443</attribute>
<attribute name="bufferSizeBytes">2048</attribute>
<attribute name="maxThreads">150</attribute>
<attribute name="acceptQueueSize">100</attribute>
<attribute name="lingerMillis">-1</attribute>
<attribute name="tcpNoDelay">true</attribute>
<attribute name="minSpareThreads">25</attribute>
<attribute name="maxSpareThreads">75</attribute>
<attribute name="maxHttpHeaderSizeBytes">8192</attribute>
<attribute name="hostLookupEnabled">false</attribute>
<attribute name="connectionTimeoutMillis">20000</attribute>
<attribute name="uploadTimeoutEnabled">false</attribute>
<attribute name="maxPostSize">2097152</attribute>
<attribute name="maxSavePostSize">4096</attribute>
<attribute name="emptySessionPath">false</attribute>
<attribute name="server">TestResponseHead</attribute>
</gbean>
Resolving The Problem
To enable the feature, please refer the instruction below:
2. Unzip the attached file into the WebSphere Application Server Community Edition installation directory, and ensure the files listed in the zip file to replace the ones in the server installation.
3. Open <wasce-home>\var\config\config.xml, add the attribute "server" into the gbean named TomcateWebConnector's attribute list. Then set your value for this attribute.
4. Start the server.
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg21639153