Merge pull request #4123 from OpenLiberty/staging

Update_prod

Author: navaneethsnair1

src/main/content/antora_ui/src/css/doc.css

@@ -236,6 +236,7 @@
   table-layout: fixed;
   position: relative;
   width: 100%;
+  margin-left: 10px;
 }
 
 .doc .admonitionblock td.content {

src/main/java/io/openliberty/website/SecurityFilter.java

@@ -59,6 +59,9 @@ public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain
         } else if ("https".equals(req.getScheme())) {
             // If HTTPS is configured this sets a bunch of security headers
 
+            // Remove X-Powered-By header to prevent information disclosure (OWASP recommendation)
+            response.setHeader("X-Powered-By", "");
+            
             // Tell browsers that this site should only be accessed using HTTPS, instead of using HTTP.
             // IncludeSubDomains and 1 year set per OWASP.
             response.setHeader("Strict-Transport-Security", "max-age=31536000; includeSubDomains");