changing the value of "Server" response header
Question

Hi

I am trying to assign empty value to "Server" HTTP header but unable to do so.

It is displaying as "Microsoft-IIS/8.5" at the moment but i want to hide the information for security reasons.

Is there any easy way to do this? I read it requires IIS /Registry changes. We don't have IIS access and i don't want to change registry as it might be risky.

I did the same for  

"X-Powered-By" and "X-AspNet-Version"  and they are ok  but "server" is displayed 2 times 1 with empty value and 1 with actual version information.



Please help.

Thank you

Out servers are on Cloud and OS has to change those settings, Raised a support ticket but OS came up with this.

https://success.outsystems.com/Support/Unlisted/Support_Team/Security/HTTP_Header_Field_Discloses_Technical_Information


mvp_badge
MVP

HI Lakshmi,

This information is added by IIS, not by OutSystems, so you should look at the IIS configuration. Do you have a cloud environment, or on-premise?

Kilian Hekhuis wrote:

HI Lakshmi,

This information is added by IIS, not by OutSystems, so you should look at the IIS configuration. Do you have a cloud environment, or on-premise?

Thanks for the quick response Kilian Hekhuis,

Unfortunately I don't have access to IIS or cloud but please let me know the solution so that I can explain the scenario to the people with access.

Thank you


mvp_badge
MVP

I think people with access to IIS should be able to configure the necessary things if you explain them what you need :).

Kilian Hekhuis wrote:

I think people with access to IIS should be able to configure the necessary things if you explain them what you need :).


Thank you Kilian Hekhuis. Will let them know the issue then.

Out servers are on Cloud and OS has to change those settings, Raised a support ticket but OS came up with this.

https://success.outsystems.com/Support/Unlisted/Support_Team/Security/HTTP_Header_Field_Discloses_Technical_Information


Hi Iakshmi,

Would you be able to share a public link or copy their answers as the link you sent is not available.

Thank you in advance.

Giuliano

Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.