IBM Support

Enable the feature to Modify Apache-Coyote/1.1 Banner

Troubleshooting


Problem

In Response Headers, it exposures the version number of the Apache Tomcat Web Server which runs on port 8080 by default. It's better to provide a way to protect the information.

Symptom

Tomcat has allowed to modify the server's attribute "server" to protect the version information.

In WebSphere Application Server Community Edition 1.1, we suggest the good practice to follow the tomcat behavior is below.


In <wasce-home>\var\config\config.xml

<module name="geronimo/tomcat/1.1/car">
<gbean name="TomcatEngine">
<attribute name="initParams">name=Geronimo</attribute>
<reference name="TomcatValveChain"/>
</gbean>
<gbean load="false" name="FirstValve"/>
<gbean load="false" name="SecondValve"/>
<gbean name="TomcatResources"/>
<gbean name="TomcatWebConnector">
<attribute name="host">0.0.0.0</attribute>
<attribute name="port">8080</attribute>
<attribute name="redirectPort">8443</attribute>
<attribute name="bufferSizeBytes">2048</attribute>
<attribute name="maxThreads">150</attribute>
<attribute name="acceptQueueSize">100</attribute>
<attribute name="lingerMillis">-1</attribute>
<attribute name="tcpNoDelay">true</attribute>
<attribute name="minSpareThreads">25</attribute>
<attribute name="maxSpareThreads">75</attribute>
<attribute name="maxHttpHeaderSizeBytes">8192</attribute>
<attribute name="hostLookupEnabled">false</attribute>
<attribute name="connectionTimeoutMillis">20000</attribute>
<attribute name="uploadTimeoutEnabled">false</attribute>
<attribute name="maxPostSize">2097152</attribute>
<attribute name="maxSavePostSize">4096</attribute>
<attribute name="emptySessionPath">false</attribute>
<attribute name="server">TestResponseHead</attribute>
</gbean>

Resolving The Problem

To enable the feature, please refer the instruction below:

1. Download the patch file:EnableModifyServerVersionInResponseHead.zipEnableModifyServerVersionInResponseHead.zip

2. Unzip the attached file into the WebSphere Application Server Community Edition installation directory, and ensure the files listed in the zip file to replace the ones in the server installation.

3. Open <wasce-home>\var\config\config.xml, add the attribute "server" into the gbean named TomcateWebConnector's attribute list. Then set your value for this attribute.

4. Start the server.

[{"Product":{"code":"SS6JMN","label":"WebSphere Application Server Community Edition"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"--","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"1.1","Edition":"Entry;Enhanced","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
15 June 2018

UID

swg21639153

Page Feedback