tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Gao, Frank" <>
Subject RE: Tomcat Web Server "ServerTokenNotSet" Vulnerability
Date Fri, 10 Jun 2005 18:51:11 GMT
What the server parameter value should be in order to pass the security
-----Original Message-----
From: Mark Thomas [] 
Sent: Friday, June 10, 2005 2:14 PM
To: Tomcat Users List
Subject: Re: Tomcat Web Server "ServerTokenNotSet" Vulnerability

Try setting the server parameter on the connector. See


Gao, Frank wrote:
> Hi,
> I have a Tomcat 5.5.7 standalone webserver running on my machine,
> I got a security scan warning of "ApacheServerTokenNotSet".
> Does anyone know how to configure the Tomcat 5.5.7 to pass this security
> scan?  I know there is a 'ServerTokens' directive for Apache Web 
> Server that I can use to limit the information giving out. But I cann't
> anything similar on Tomcat Web Server.
> Anyone has any idea about this?
> Thanks,
> Frank 

To unsubscribe, e-mail:
For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message