http - how to prevent Error messages on the site can be controlled by the user. (Spring web application) -

we have spring web application , have domain name such as:-example.com

but on application server status can configured user if site down.

for example: if hit application as:-example.com/server-status/this test message.

this message gets published on browser.this can attackers send malicious messages user.

i have tried various alternative unable stop it.please in regard.thanks in advance,

it's hard understand trying achieve, if understood clearly, can use spring security prevent not logged (or without admin role) users send requests example.com/server-status/this.

for tutorials how implement spring security example here: http://www.mkyong.com/tutorials/spring-security-tutorials/