RabbitMQ management console is revealing server details

[Ratul Bhattacharya]

Hello,

We are using RabbitMQ in our application and its management console is running on MochiWeb server version 1.0

Server is exposing its name and version both as shown below. This can lead to "banner grabbing" kind of cyber attack. Is there a way to hide/mask the server details?

$ curl -v localhost:15672

> GET / HTTP/1.1

> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2

> Host: localhost:15672

> Accept: */*

>

< HTTP/1.1 200 OK

< Content-Length: 1419

< Content-Type: text/html

< Date: Wed, 15 May 2019 14:02:46 GMT

< last-modified: Fri, 12 Apr 2019 09:22:08 GMT

< Server: MochiWeb/1.0 (Any of you quaids got a smint?)