Save server.xml file and restart Tomcat server. I like bacula with a pre-job to dump lportal (and other) db to file in. Add the following line inside Host configuration.Īfter adding this line it will look as below:Īpache tomcat setting server info value falseĥ. When i access the portal, all i get is the Apache Tomcat default home page. Find the Host configuration in it which looks something likeĤ. Open conf directory and open server.xml file.ģ. Navigate to the directory where you have placed your tomcat files. ![]() But, we can fix this by following the steps provided below.ġ. When any attacker figures out this then it narrows down to search for vulnerabilities in that specific versions of Tomcat running. I have removed that in the above picture. ![]() Here as you can see, though it says, the requested resources is not available, it is also showing the version of Apache Tomcat(Apache Tomcat/Version_Number). In this case, Tomcat response will be as below:Īpache tomcat requested resource not available error So, what if there was not any login page which can be accessed using this URL. 2 Answers Sorted by: 7 Ultimately, it is what your application does that determines where the files are stored. It shows your login page because there is login page available in that request. And you have a login page which can be accessible using the link It is required the to remove default web applications / files for Apache Tomcat which is bundled with SAP BusinessObjects Business Intelligence (BI). Let’s say you have a domain name which you are running using Tomcat. Let me describe you this vulnerability in detail. Follow the Tomcat or OWASP instructions to replace or modify the default error page. These files should be removed as they may help an attacker uncover information about the remote Tomcat install or host itself.ĭelete the default index page and remove the example JSP and servlets. It will display 404 error instead of Tomcat home page Or you can add your custom home page file with the. The default error page, default index page, example JSPs and/or example servlets are installed on the remote Apache Tomcat server. How to Hide/Change Tomcats default home page.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |