Details
Although it can be a good idea to keep some example content in a test environment, to check if the server is running correctly, it is not a good practice in production.
Removing the samples will prevent an external client seeing what version of the AS you are running and will also prevent the AS instance being affected by future security bugs on this content.
Solution
Disable or remove the welcome-content directory by placing “false” as a value on enable-welcome-root
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.