如何从 Apache Zeppelin/Any 相关 Web 应用程序中隐藏 Server/Software 版本?
How to Hide Server/Software Version from Apache Zeppelin/Any Related Web-App?
关于如何从 Apache Zeppelin 隐藏 software/server 版本的任何 ideas/suggestions?我们聘请了一家信息安全公司在我们的服务器中执行外部渗透测试,其中一个问题是隐藏应用程序 headers/errors 消息中披露的所有软件版本。
例如,如果我从终端执行此命令:
curl -I -k https://localhost:8181/
它会给出这个结果
HTTP/1.1 200 OK Date: Thu, 16 Jul 2020 03:37:42 GMT Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: authorization,Content-Type Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE Date: Thursday, July 16, 2020 1:37:42 PM AEST Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: authorization,Content-Type Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE Date: Thursday, July 16, 2020 1:37:42 PM AEST Content-Type: text/html Last-Modified: Thu, 08 Jun 2017 09:18:50 GMT Accept-Ranges: bytes Content-Length: 3657 Server: Jetty(9.2.15.v20160210)
如何隐藏 Server: Jetty(9.2.15.v20160210) 或什至可能?我正在尝试搜索,但还没有找到解决方案。感谢任何帮助。提前致谢!干杯。
在 Zeppelin 0.9.0(尚未发布)中是可能的 - 它同时作为 ZEPPELIN-4586 and should be available in the 0.9.0-preview2 soon, or you can compile from source yourself. You can look to the documentation 的一部分实现
关于如何从 Apache Zeppelin 隐藏 software/server 版本的任何 ideas/suggestions?我们聘请了一家信息安全公司在我们的服务器中执行外部渗透测试,其中一个问题是隐藏应用程序 headers/errors 消息中披露的所有软件版本。
例如,如果我从终端执行此命令:
curl -I -k https://localhost:8181/
它会给出这个结果
HTTP/1.1 200 OK Date: Thu, 16 Jul 2020 03:37:42 GMT Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: authorization,Content-Type Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE Date: Thursday, July 16, 2020 1:37:42 PM AEST Access-Control-Allow-Credentials: true Access-Control-Allow-Headers: authorization,Content-Type Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, HEAD, DELETE Date: Thursday, July 16, 2020 1:37:42 PM AEST Content-Type: text/html Last-Modified: Thu, 08 Jun 2017 09:18:50 GMT Accept-Ranges: bytes Content-Length: 3657 Server: Jetty(9.2.15.v20160210)
如何隐藏 Server: Jetty(9.2.15.v20160210) 或什至可能?我正在尝试搜索,但还没有找到解决方案。感谢任何帮助。提前致谢!干杯。
在 Zeppelin 0.9.0(尚未发布)中是可能的 - 它同时作为 ZEPPELIN-4586 and should be available in the 0.9.0-preview2 soon, or you can compile from source yourself. You can look to the documentation 的一部分实现