Search the VMware Knowledge Base (KB)
View by Article ID

Disabling the server banner for port 9443 (2151527)

  • 1 Ratings

Symptoms

  • An audit will show that the server on port 9443 is displaying a server banner (for example: "Server: Apache-Coyote/1.1"), while the http server running on port 443 does not display a banner.

Cause

This would not be classed as a vulnerability and this would be the expected response from Tomcat and by default this property(server) is not set on any server.xml. However some environments might have a requirement to suppress this banner.

For more information see, https://tomcat.apache.org/tomcat-7.0-doc/security-howto.html#Server

Resolution

To resolve this issue remove Server banner:
  1. Stop the vSphere Web Client service. For more information see How to stop, start, or restart vCenter Server 6.x services (2109881).
  2. Take the backup of /usr/lib/vmware-vsphere-client/server/configuration/tomcat-server.xml.
  3. Edit the tomcat-server.xml.
  4. Add the server field like below next to 9443 port:

    <Connector port="9443" server=" "

    Note: You can set anything to the server property and this will be displayed when you query this using the curl.

  5. Save the file and start the vSphere Web Client service. For more information see How to stop, start, or restart vCenter Server 6.x services (2109881).

See Also

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 1 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 1 Ratings
Actions
KB: