Hide Server Banner and Product Info from HTTP Header

Hide Server Banner and Product Info from HTTP Header

A server banner may display information about the underlying hosting environment. Usually in Applications Manager, the information that can be exposed is the product name:

  1. Server: AppManager
For security purposes, it may be desirable to disable the Server response header.

Steps to remove header

  1. Take a backup and open <apm-home>/working/apache/tomcat/conf/backup/server.xml
  2. Search and remove below key-value(s).
    1. server="AppManager"
  3. Restart APM and verify the response headers.

Steps to verify

  1. If this has been reported as a violation in your network scan tool, please re scan and confirm.
  2. Manual steps: 
    1. Using cURL : curl -v <Applications Manager URL>
      eg., curl -v http://apm-me-server:9090


      New to M365 Manager Plus?
      New to M365 Manager Plus?
        New to RecoveryManager Plus?
        New to RecoveryManager Plus?
          New to Exchange Reporter Plus?
          New to Exchange Reporter Plus?
            New to SharePoint Manager Plus?
            New to SharePoint Manager Plus?
                See all integrations
                New to ADManager Plus?
                See all integrations
                New to ADManager Plus?

                  New to ADSelfService Plus?

                  Start your free trial
                  Start your free trial

                    • Related Articles

                    • How to enable HTTP Strict-Transport-Security (HSTS) response header

                      Overview From Applications Manager v16250, the super administrator has the option of enabling HSTS. The RFC 6797-specified HTTP Strict Transport Security (HSTS) protocol enables a website to identify itself as a secure host and notify browsers that ...

                    • Troubleshooting Bad Request and Internal Server error

                      When a server responds with a Bad Request (400) or Internal Server Error (500), It typically indicates issues with how the request is being made or processed. The reasons for these errors can vary, but the most common causes are Incorrectly formatted ...

                    • Configure "/server-status" page for Oracle HTTP server

                      In order to monitor an Oracle HTTP server in Applications Manager, the '/server-status' page must be configured on the target Oracle HTTP server that needs to be monitored. This can be accomplished by following these steps: Step 1 - Enable the ...

                    • Disable HTTP access in Applications Manager

                      Overview This article describes configuring a secure connection between Applications Manager server and the browser/client. Applications Manager can be accessed through any of the following URLs: For HTTP  -> http://[hostname/ip-address]:[http-port] ...

                    • Troubleshooting - Apache Server

                      Troubleshooting - Apache Server monitor If you're encountering issues in Apache Server monitor in Applications Manager, follow these steps to diagnose and resolve the problem: 1. Verify the Server is an Apache Server: Open Command Prompt on the ...

                      Related Products