Some companies have scanning tools that look for security vulnerabilities on systems. Skybot is getting flagged for letting the server allow GET, PUT, DELETE type commands on the server. There are two server instances on the server. There is the ROOT server, and the Skybot server. We believe the only issue was the ROOT server as the Skybot server is locked behind our logins. We cannot be sure at this time if it fixes the issue as the customers we have sent it to have never responded back to our requests stating if it worked or not.
the 'fix' is to take the modified xml file and replace the file in the following location and restart the server.
I have attached an xml file (extract the file first) that you can place into the following location, overwriting the current web.xml file located there. Restart the server.
C:\Program Files (x86)\Skybot\Skybot Scheduler\webapps\ROOT\WEB-INF
This will block all requests for the ROOT of the tomcat install, but there will still be PUT, GETS, DELETES against our install of the server, but they are secured, so hopefully your scan shows as good after the change