It can be observed that the Server header in the HTTP response reveals the running version from Server: Apache-Coyote/1.1. After intercepting the response, it can be observed that the response header is showing information disclosure. How can we configure the web server such that sensitive response headers are not visible in the response?
All supported versions of the API Gateway
Step 1: Connect to the policy manager for your SSG
Step 2: Go to Tasks --> Manage Listen Ports
Step 3: Click on the port you are connecting over, choose "Properties", and choose the "Advanced" tab.
Step 4: Click the "Add" button in the bottom right, the "Property Name" will be "server" and the value will be whatever you want to return in your response