As part of our company security policy we regularly run Nessus security scanner against our servers.

Our Zimbra OSS has failed on "HTTP Header Internal IP Disclosure" which basically means the internal 192.168.x.x IP of the server is being sent in the HTTP header. Tenable Network Security

On Tomcat we add a proxyName value to rewrite the header with the domain name.

But I don't know if this is possible with Jetty, or how it is done in the Zimbra Jetty.

Anyone any ideas?

Thanks