Details
The server.number attribute represents the specific version of Tomcat that is executing. This value is presented to Tomcat clients when connect.
Solution
Perform the following to alter the server number string that gets displayed when clients connect to the tomcat server.
1. Extract the ServerInfo.properties file from the catalina.jar file:
$ cd $CATALINA_HOME/lib
$ jar xf catalina.jar org/apache/catalina/util/ServerInfo.properties
2. Navigate to the util directory that was created
cd org/apache/catalina/util
3. Open ServerInfo.properties in an editor
4. Update the server.info attribute in the ServerInfo.properties file.
server.number=
5. Update the catalina.jar with the modified ServerInfo.properties file.
$ jar uf catalina.jar org/apache/catalina/util/ServerInfo.properties
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Unix.