Suppressing WebSEAL server identity
HTTP responses normally include a Server header containing the identity and version of the server that is sending the response.
The following example illustrates the header output for a response sent from WebSEAL:
Content-Type: text/html Date: Tue, 09 Nov 2004 02:34:18 GMT Content-length: 515 Server: WebSEAL/6.0.0 Last-Modified: Thu, 04 Nov 2004 08:03:46 GMT Connection: closeFor security reasons, we might want WebSEAL to suppress the Server header in its responses to clients.
To suppress WebSEAL server identity in HTTP server responses, set the suppress-server-identity stanza entry in the [server] stanza of the WebSEAL configuration file to "yes":
[server] suppress-server-identity = yesThe default setting is "no".
Parent topic: Suppression of WebSEAL and back-end server identity