The server information is given when the HTTP server responds to the request, for example:
server:apache-coyote/1.1
This banner gives the intruder a certain indication. For security reasons, this information needs to be changed in order to play a certain role in the confusion.
Tomcat 6 Copies the entire LIB package, creates a new project, modifies
Tomcat-coyote.jar\org\apache\coyote\ajp\constants.class and Http11\constants.class. Change the server to the string you want.
Save, replace the original file in Tomcat-http.jar with this modified Constant.class (under Windows, drag the modified Constant.class directly to the Constant.class location in the WinRAR window Can).
When you are done, you can test:
Telnet
get/http/1.1
Results:
...
Server:unknown haha! vx.x
Transfer-encoding:chunked
...
In this way, it is not easy for an attacker to get the type/version information of the HTTP server.