I need to secure Wowza Media Engine server, Our policy is to prevent and do not left any footprints, like servername and its version on HTTP Response Header:
Server:WowzaStreamingEngine/4.8.5
We created this module by Eclipse + Wowza IDE plugin:
package mypackage;
import com.wowza.wms.application.*;
import com.wowza.wms.amf.*;
import com.wowza.wms.client.*;
import com.wowza.wms.module.*;
import com.wowza.wms.request.*;
import com.wowza.wms.stream.*;
import com.wowza.wms.rtp.model.*;
import com.wowza.wms.httpstreamer.model.*;
import com.wowza.wms.httpstreamer.cupertinostreaming.httpstreamer.*;
import com.wowza.wms.httpstreamer.smoothstreaming.httpstreamer.*;
public class MyModule extends ModuleBase {
public void onHTTPSessionCreate(IHTTPStreamerSession httpSession) {
httpSession.setUserHTTPHeader("Server", "ItsASecret");
}
}
after saving the project, IDE automatically generate mine.jar into [installDIR]/lib folder, the We add the module to the [installDIR]/conf/vod/Application.xml:
<Modules>
<Module>
<Name>base</Name>
<Description>Base</Description>
<Class>com.wowza.wms.module.ModuleCore</Class>
</Module>
<Module>
<Name>logging</Name>
<Description>Client Logging</Description>
<Class>com.wowza.wms.module.ModuleClientLogging</Class>
</Module>
<Module>
<Name>flvplayback</Name>
<Description>FLVPlayback</Description>
<Class>com.wowza.wms.module.ModuleFLVPlayback</Class>
</Module>
<Module>
<Name>mypackage</Name>
<Description>IDK</Description>
<Class>MyModule</Class>
</Module>
</Modules>
Unfortunately it is not working, is there any mistake?
Instead of a module, add a property to your Server.xml file in the
Propertiesat the bottom.This will override the value you are looking to hide. Faster and easier to maintain too.