Solved

IIS server version hiding

Posted on 2013-11-26
2
405 Views
Last Modified: 2013-12-01
Hi,
I have a web application published by using IIS on a web server.
This application can be accessed with a user and password.
Can someone who doesn't have password see IIS version which this applicaiton running on?
And how do I hide this version information?
Thank you
0
Comment
Question by:certuran
2 Comments
 
LVL 58

Accepted Solution

by:
Gary earned 250 total points
ID: 39679378
Yes they can but you can override it.
Download http://www.microsoft.com/en-us/download/details.aspx?displaylang=en&id=5728
Open up %WinDir%\System32\inetsrv\urlscan\UrlScan.ini
Search for RemoveServerHeader and set the value to 1 or look for AlternateServerName and set it to whatever you want it to say instead of IIS...

And for other headers
http://www.troyhunt.com/2012/02/shhh-dont-let-your-response-headers.html
0
 

Author Closing Comment

by:certuran
ID: 39687871
I could hide IIS version with this suggestion. Thank you very much.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you considered what group policies are backwards and forwards compatible? Windows Active Directory servers and clients use group policy templates to deploy sets of policies within your domain. But, there is a catch to deploying policies. The…
Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question