ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Hide Apache Server info header for DLP Enforce Console.


Article ID: 184943


Updated On:


Data Loss Prevention Enforce


Symantec Data Loss Prevention (DLP) Enforce Server Console gets highlighted for a INFO RISK as "HyperText Transfer Protocol (HTTP) Information" in which the report gives some information about the remote HTTP protocol - the version used, whether HTTP Keep-Alive and HTTP pipelining are enabled, etc.

Common Information security policies will have a requirement to hide below server information for a remote attacker to get familiar easily. 

Headers:  Server: Apache-Coyote/1.1


The Server header can be suppressed via tomcat's server.xml. Add a server= attribute to Connector element.

Server.xml can found in 

DLP 14.X/15.0 : -   "INSTALL DRIVE":\SymantecDLP\Protect\tomcat\conf\

DLP 15.1 and later : -  "INSTALL DRIVE":\Program Files\Symantec\DataLossPrevention\EnforceServer\15.x\Protect\tomcat\conf\


Below example: - Where server is set to HiddenServer/1.1

<Connector port="8443" maxThreads="150"
      enableLookups="false" disableUploadTimeout="true"
      acceptCount="100" scheme="https" secure="true" 
      URIEncoding="UTF-8" SSLEnabled="true" server="HiddenServer/1.1">