As a best practice, create a custom blank server header for the TCServer response header used with the vRealize Automation appliance to limit the possibility of a malicious attacker obtaining valuable information.


  1. Open the /etc/vco/app-server/server.xml file in a text editor.
  2. In each <Connector> element add server=" ".

    For example: <Connector protocol="HTTP/1.1" server="" ........ />

  3. Save your changes and close the file.
  4. Restart the server using the following command.

    service vco-server restart