Hi, Can you tell me what response headers do I need to suppress in order to improve security?
Response headers example: Server: Apache-Coyote x-powered-by: <My server information> I think the above headers inform too much, so I will remove them. Am I paranoid, or is it a good practice? Thanks, André -- View this message in context: http://www.nabble.com/response-header-fields-tp24953139p24953139.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
