The project through the Bureau security checks need to shield out the server middleware information, check the afternoon, the Internet to see are modified JBOSS7, we use the Wildfly8 (JBoss renamed Wildfly), modify the place is not the same, tortured for half a day.
The JBoss server will display its own identity in the HTTP response header by default, as follows:
This exposes the server information, and other people may be based on this information to find a server vulnerability to attack the server.
Shielding method:
Modify the Domain.xml file in Wildfly8, which is located under the/domain/configuration/directory in the Wildfly installation directory. VI Edit Domain.xml file,
Modify the value of the header-value, note that there are many header-value in this file, are modified.
The effect after modification:
Find. -name "*.xml" | xargs grep "Header-value"//The name can find all files under the current file with an. xml extension and find out what files include Header-value.
Wildfly8 changing the server parameters in the response header