Results 1 to 9 of 9

Thread: change/remove info about wowza server when scanning

  1. #1
    Join Date
    Oct 2011
    Posts
    26

    Default change/remove info about wowza server when scanning

    hi,

    is there any possibility to change/remove wowza server page when someone try to access on some port ?
    I mean by example : "Wowza Media Server 3 Trial Edition (Expires: nov. 24, 2011) 3.0.2.02 build877"
    from scan : "FlashCom 3.5.7 (Wowza Media Server 3 Trial Edition (Expires: nov. 24, 2011) 3.0.2.02 build877 http config)"

    On my side I need to let tcp 80 opened to use rtmpt but if a user try from his browser to enter url, he will get message above :-(
    so I would like to change it at least.

    Thanks


    NIcolas

  2. #2

    Default

    Hi Nicolas,

    This is set in conf/VHost.xml. Comment out the HTTPServerVersion HTTPProvider for the port you desire. By default this is enabled on ports 1935, 443, 8086, but not port 80.

  3. #3
    Join Date
    Oct 2011
    Posts
    26

    Default

    Quote Originally Posted by randall View Post
    Hi Nicolas,

    This is set in conf/VHost.xml. Comment out the HTTPServerVersion HTTPProvider for the port you desire. By default this is enabled on ports 1935, 443, 8086, but not port 80.
    great, thanks

    Nicolas

  4. #4

    Default

    Sorry for bumping this old topic but:
    I've removed the section and never found the version again But, since recently i've found the versioning again (Server: FlashCom/3.5.7). I believe it came back after upgrading from 2.x to 3.x. The Vhost.xml does not contain the HTTPServerVersion (the section is completely removed).

    HTTP request sent, awaiting response...
    HTTP/1.0 200 OK
    Content-type: text/xml
    Access-Control-Allow-Origin: *
    Content-Type: text/html
    Connection: Keep-Alive
    Server: FlashCom/3.5.7
    Cache-Control: no-cache
    Content-Length: 78
    Length: 78 [text/xml]
    Remote file exists.

    Any idea?

  5. #5
    Join Date
    Sep 2011
    Posts
    1,931

    Default

    Hi
    I'm afraid you can't remove the FlashCom version.
    As far as I'm aware its always been there.

    Jason

  6. #6
    Join Date
    Dec 2007
    Posts
    21,962

    Default

    I think this is Wowza user-agent in this case. I don't think it is configurable

    Richard

  7. #7

    Default

    Quote Originally Posted by JasonH View Post
    Hi
    I'm afraid you can't remove the FlashCom version.
    As far as I'm aware its always been there.

    Jason

    Now you mention it, this could be the case.
    I think I was mistaking by the wowza version number you get if you put http://wowza-ip:1935 in your browser. That option can be disabled by the HTTPServerVersion.

    Is there a way to make this more secure?
    when I (or anybody else) perform a scan my Wowza server, it want it go give me a "forbidden" (403) or "not found" (404) by default. Any way to make this possible?

    Thanks so far

  8. #8

    Default

    If you don't want Wowza to listen on certain ports you can comment out the section in conf/VHost.xml. Or remave a particular port from the ports element. Or you can do something with your firewall.

  9. #9
    Join Date
    Dec 2007
    Posts
    21,962

    Default

    Or you can change the AuthenticationMethod of that HTTPProvider in the VHost.xml to "admin-basic" to require username and password, which you can provide like this:

    http://username:password@[wowza-address]:1935
    Richard

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •