You might have seen the following information in the request header of your website. An attacker can use this information to carry out attacks on your website. You can easily avoid this.

The following will remove ASP.net version header

<system.web>
<httpRuntime enableVersionHeader=”false” />
</system.web>

 

The following will remove X-Powered-By and IIS version

<system.webServer>
<httpProtocol>
<customHeaders>
<remove name=”X-Powered-By” />
</customHeaders>
</httpProtocol>
<rewrite>
<outboundRules>
<rule name=”Remove RESPONSE_Server” >
<match serverVariable=”RESPONSE_Server” pattern=”.+” />
<action type=”Rewrite” value=”NA” />
</rule>
</outboundRules>
</rewrite>
</system.webServer>

Donate me $1 or above 🙂 https://www.paypal.me/ccsindia