« Previous Next »

• 06-27-2008, 3:24 PM

  zerkat Joined on 06-13-2008, 1:37 PM Posts 4

  hiding/suppressing http headers Reply Contact Is there a way to suppress the server software from being returned in the header? I am running IIS 6. I installed URLScan which will suppress the server header but the software version and ports still display. I have an ASP page that will return everything in the header to double check. Is there another tool or software that would accomplish this? Any advice on this matter would be greatly appreciated.

• 06-27-2008, 4:19 PM

  In reply to

  wadeh Joined on 04-19-2005, 10:17 PM Posts 112

  Re: hiding/suppressing http headers Reply Contact UrlScan can do this by setting RemoveServerHeader=1. If I understand correctly how you are trying to test this, I believe that your test is not valid.  The SOFTWARE_VERSION, REMOTE_PORT, etc. server variables visible in ASP are not response headers. The proper way to test this is to use a sniffer tool to look at bits on the wire or a test client like wfetch that can show you the raw headers that the server returned. Thanks, -Wade

• 06-30-2008, 8:06 AM

  In reply to

  zerkat Joined on 06-13-2008, 1:37 PM Posts 4	Re: hiding/suppressing http headers Reply Contact oh.....thanks....That makes sense. Probably something I should have already known. oh well, we all have those moments.