How to remove IIS server information from the response header?

#howto #iis #remove #header

How to remove IIS server information from the response header?

(Tested on IIS 10.0, ASP.NET MVC 5)

Add/Edit three lines of code in web.config as below

Line 1

<httpRuntime targetFramework="4.7.2" enableVersionHeader="false" />

Line 2

<remove name="X-Powered-By" />

Line 3

<requestFiltering removeServerHeader="true" />

Overview

...
<system.web>
    <compilation debug="true" targetFramework="4.7.2" />
    <httpRuntime targetFramework="4.7.2" enableVersionHeader="false" />
</system.web>
<system.webServer>
    <httpProtocol>
        <customHeaders>
            <remove name="X-Powered-By" />
        </customHeaders>
    </httpProtocol>
    <security>
        <requestFiltering removeServerHeader="true" />
    </security>
</system.webServer>
...

DEV Community

How to remove IIS server information from the response header?

How to remove IIS server information from the response header?

Add/Edit three lines of code in web.config as below

Overview

Top comments (0)

Read next

10 Healthy Habits For Coffee Drip Maker

Fitting a Cat Flap

Cat Flap Installation Near Me

How The 10 Most Disastrous Gas Engineer Certificate-Related FAILS Of All Time Could've Been Prevented