How to disable Tomcat server version header

By default, Tomcat server version is exposed to public and may leads to security issues. This article explains the steps to hide the Tomcat server version header.

Step1: Login to the server via ssh as root.

Step2: Change the location to Tomcat lib folder.

#cd  CATALINA_HOME/lib

Where CATALINA_HOME need to be replaced with the full path to Tomcat installation folder.

Step3: Extract the ServerInfo properties.

#jar xf catalina.jar org/apache/catalina/util/ServerInfo.properties

Step4: Open the ServerInfo properties file.

#vi org/apache/catalina/util/ServerInfo.properties

Step5: Modify the values of the following parameters to some dummy values and save the file.

server.info=
server.number=
server.built=

Step6: Update the Serverinfo properties to Catalina jar.

#jar uf catalina.jar org/apache/catalina/util/ServerInfo.properties

Step7: Restart the Tomcat service.

#systemctl restart tomcat

That's all…