I hope this is the right area for this question - I couldn't see a tomcat-specific category.
In the Apache config, you can change the ServerTokens directive from Full to Prod to suppress the amount of information sent with the HTTP headers - a good idea for a production system to hide the implementation details.
e.g. instead of sending the full info, such as 'Server: Apache/2.0.49 (Win32) mod_ssl/2.0.49 OpenSSL/0.9.7d mod_jk/1.2.4', with the Prod setting it only sends 'Server: Apache'.
I was just wondering if there is such an option for tomcat. Currently it is sending 'Servlet-Engine: Tomcat Web Server/3.2.1 (JSP 1.1; Servlet 2.2; Java 1.3.1_07; Windows 2000 5.0 x86; java.vendor=Sun Microsystems Inc.)' - can I change the config so that it just sends something like 'Servlet-Engine: Tomcat Web Server' or similar?
Thanks for your help!