IIS 6.0 retuning private IP in HTTP reponse header

Posted on 2008-11-04
Last Modified: 2012-05-05
Recently got audited and a scan found that one of my IIS 6.0 servers was returning it's private IP in the HTTP response body.  How can I block this IP from being displayed?

attached is the actual snippet from the audit.



Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/, application/, application/msword, application/x-ms-application, application/x-ms-xbap, application/, application/xaml+xml, */*

UA-CPU: x86

User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.2; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; MS-RTC LM 8) Paros/3.2.13


Connection: Keep-Alive

Accept-Language: en-us


HTTP/1.1 301 Moved Permanently

Date: Wed, 15 Oct 2008 13:52:02 GMT

Content-Length: 156

Content-Type: text/html


X-Powered-By: ASP.NET

Keep-Alive: timeout=1201, max=100

Connection: Keep-Alive

<head><title>Document Moved</title></head>

<body><h1>Object Moved</h1>This document may be found <a HREF="http://172.x.x.x/FIEnrollment/">here</a></body>

Open in new window

Question by:tpagolfnut
    LVL 10

    Expert Comment

    I believe that if you place a host header into your configuration, it will reply with the host header rather than the IP address.  Purely a guess.

    Best of luck,

    Author Comment

    Thanks, i will give it a try and let you know the outcome.

    Accepted Solution

    Worked with Microsoft support on this.  They told me the easiest way to do this was remove the reference to the default pages in the website properties.  I removed them then disabled the use of default pages.  Thanks for your assistance.

    Featured Post

    Find Ransomware Secrets With All-Source Analysis

    Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

    Join & Write a Comment

    This article summarizes using a simple matrix to map the different type of phishing attempts and its targeted victims. It also run through many scam scheme scenario with "real" phished emails. There are safeguards highlighted to stay vigilance and h…
    Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
    It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    24 Experts available now in Live!

    Get 1:1 Help Now