隐藏Tomcat异常页面中的版本信息,Tomcat服务器版本号泄露

隐藏Tomcat异常页面中的版本信息,Tomcat服务器版本号泄露

在Tomcat报错页面中,显示Apache Tomcat/8.5.51相关版本号等信息,是不安全的。这会被攻击者获取到,利用该版本的其他漏洞对服务器进行攻击。所以需要隐藏掉。
在这里插入图片描述

修改ServerInfo.properties

  1. 进入tomcat安装目录
cd /usr/local/tomcat/apache-tomcat-8.5.51/lib

在这里插入图片描述

  1. 备份catalina.jar包
cp catalina.jar catalina.jar_bak
  1. 下载catalina.jar包到本地,用压缩工具打开。
    在这里插入图片描述

进入路径:org\apache\catalina\util,打开ServerInfo.properties文件
源文件:

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

server.info=Apache Tomcat/8.5.51
server.number=8.5.51.0
server.built=Feb 5 2020 22:26:25 UTC

修改server.info、server.number、server.built,修改后:

# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements.  See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License.  You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

server.info=
server.number=
server.built=

重启Tomcat

[root@q bin]# ps -ef|grep tomcat
root      5621  4860  0 10:01 pts/0    00:00:00 grep tomcat
root      9431     1  0 Feb17 ?        08:50:31 /usr/local/java/jdk1.8.0_11/bin/java -Djava.util.logging.config.file=/usr/local/tomcat/apache-tomcat-8.5.51/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djdk.tls.ephemeralDHKeySize=2048 -Djava.protocol.handler.pkgs=org.apache.catalina.webresources -Dorg.apache.catalina.security.SecurityListener.UMASK=0027 -Dignore.endorsed.dirs= -classpath /usr/local/tomcat/apache-tomcat-8.5.51/bin/bootstrap.jar:/usr/local/tomcat/apache-tomcat-8.5.51/bin/tomcat-juli.jar -Dcatalina.base=/usr/local/tomcat/apache-tomcat-8.5.51 -Dcatalina.home=/usr/local/tomcat/apache-tomcat-8.5.51 -Djava.io.tmpdir=/usr/local/tomcat/apache-tomcat-8.5.51/temp org.apache.catalina.startup.Bootstrap start
[root@q bin]# kill -9 9431
[root@q bin]# ps -ef|grep tomcat
root      5763  4860  0 10:01 pts/0    00:00:00 grep tomcat
[root@q bin]# ./startup.sh

重启后发现Tomcat版本信息消失。
在这里插入图片描述

  • 3
    点赞
  • 5
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值