Hide Apache Server info header for DLP Enforce Console.

book

Article ID: 184943

calendar_today

Updated On:

Products

Data Loss Prevention Enforce

Issue/Introduction

Symantec Data Loss Prevention (DLP) Enforce Server Console gets highlighted for a INFO RISK as "HyperText Transfer Protocol (HTTP) Information" in which the report gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc.

Common Information security policies will have a requirement to hide below server information for a remote attacker to get familiar easily. 

Headers:  Server: Apache-Coyote/1.1

Resolution

The Server header can be suppressed via tomcat's server.xml. Add a server= attribute to Connector element.

Server.xml can found in 

DLP 14.X/15.0 : -   "INSTALL DRIVE":\SymantecDLP\Protect\tomcat\conf\

DLP 15.1 and later : -  "INSTALL DRIVE":\Program Files\Symantec\DataLossPrevention\EnforceServer\15.x\Protect\tomcat\conf\

 

Below example: - Where server is set to HiddenServer/1.1

<Connector port="8443" maxThreads="150"
      enableLookups="false" disableUploadTimeout="true"
      acceptCount="100" scheme="https" secure="true" 
      URIEncoding="UTF-8" SSLEnabled="true" server="HiddenServer/1.1">