Removing Server header from static content in IIS 7/8

后端未结

关注

 5  1507

走了就别回头了 2021-02-01 15:53

As part of an effort to make our API and site more secure, I\'m removing headers that leak information about what the site is running.

Example before stripping headers:<

5条回答

一向 (楼主)

2021-02-01 16:10

The same way that's in this answer, and in this website:, you should use the following steps:

C#:

namespace MvcExtensions.Infrastructure
{
    public class CustomServerName : IHttpModule
    {
        public void Init(HttpApplication context)
        {
            context.PreSendRequestHeaders += OnPreSendRequestHeaders;
        }

        public void Dispose() { }

        void OnPreSendRequestHeaders(object sender, EventArgs e)
        {
            HttpContext.Current.Response.Headers.Remove("Server");
        }
    }
}

Web.config:

0 讨论(0)

查看其它5个回答