Project

General

Profile

Actions

Bug #19163

closed

Do not display the jetty version number

Added by Julien BRIAULT almost 2 years ago. Updated 8 months ago.

Status:
Released
Priority:
N/A
Category:
Security
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Very Small
Priority:
0
Regression:

Description

For security reasons, it seems important to stop sending the Jetty version number.
All this in order to strengthen the security of Rudder (in case of pentest for example).

To disable the display of the version number:

jetty.send.server.version=false


Files

jetty_version.png (46.1 KB) jetty_version.png Elaad FURREEDAN, 2021-12-14 12:39

Related issues 1 (0 open1 closed)

Related to Rudder - Bug #11160: We should not send Jetty version in header responseRejectedActions
Actions

Also available in: Atom PDF