Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Server header is exposing important information (Solution Suggestion) #57

Closed
ramyhhh opened this issue May 16, 2015 · 2 comments
Closed

Server header is exposing important information (Solution Suggestion) #57

ramyhhh opened this issue May 16, 2015 · 2 comments

Comments

@ramyhhh
Copy link

ramyhhh commented May 16, 2015

Hello ... Sorry I couldn't check everything about it in details, but I knew that the Server header couldn't be removed since the last upgrade of NWebsec.
I suggest changing the value of the server header as a kind of obfuscation instead of totally removing it. I have tried changing the Server header into something like Apatche and it worked and IIS didn't realize the change.
@klings
Copy link
Member

klings commented May 25, 2015

Well, opinions vary on whether the server header really exposes valuable information. See the last couple of paragraphs in the docs for Suppressing version headers.

I suggest we leave this issue hanging, and I'll have another look at it when I'm done with the work to support ASP.NET vnext.

@klings
Copy link
Member

klings commented Mar 12, 2017

Closing this, this won't change for the ASP.NET 4 NWebsec.

@klings klings closed this as completed Mar 12, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@klings @ramyhhh