Databases
StackOverflow2013
Postsdbo
POSecuring http headers
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POSecuring http headers
    primarykey
    data
    text
    <p>I Have website that is in production server and it supposed to be very secure so i want to secure http header so that no unwanted information is leaked.</p> <p>I have searched on net about securing http headers and so far found that we can remove un anted information like removing</p> <pre><code>'Server Microsoft-IIS/7.5 X-AspNet-Version 4.0.303319 X-Powered-By ASP.NET -' </code></pre> <p>I have found solution for X-Aspnet and X powered by : 1. For X-AspNet i have added below code in system.web section </p> <pre><code>&lt;httpRuntime enableVersionHeader="false"/&gt; </code></pre> <ol> <li><p>For X-Powered i have added below code in system.webserver section</p> <p> </p></li> </ol> <p>But for Server header removal code is not working :(</p> <p>Code i am using for is :</p> <ol> <li><p>I have added a class with name CustomHeaderModule and inside that class code is as below</p> <p>/// /// Summary description for CustomHeaderModule /// public class CustomHeaderModule : IHttpModule {</p> <pre><code>public void Dispose() { throw new NotImplementedException(); } public void Init(HttpApplication context) { context.PostReleaseRequestState += PostReleaseRequestState; } void PostReleaseRequestState(object sender, EventArgs e) { //HttpContext.Current.Response.Headers.Remove("Server"); // Or you can set something funny HttpContext.Current.Response.Headers.Set("Server", "CERN httpd"); } </code></pre> <p>}</p></li> </ol> <p>and then registered this in web.config under system.webserver section</p> <pre><code>&lt;modules runAllManagedModulesForAllRequests="true"&gt; &lt;add name="CustomHeaderModule" type="CustomHeaderModule" /&gt; &lt;/modules&gt; </code></pre> <p>Now this code is not working ..i am still seeing server in header in chrome browser..</p> <p>how can i fix this and apart from these 3 setting is there any other to secure more ?</p>
    singulars
    1. PO
      singulars
      1. PTAnswer
    1. This table or related slice is empty.
    1. PTQuestion
    1. This table or related slice is empty.
    1. USMahajan344
    plurals
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. This table or related slice is empty.
    1. PO
      singulars
      1. PTAnswer
    2. PO
      singulars
      1. PTAnswer
    3. PO
      singulars
      1. PTAnswer
    1. VO
      singulars
      1. POSecuring http headers
      1. This table or related slice is empty.
      1. VTUpMod
    2. VO
      singulars
      1. POSecuring http headers
      1. This table or related slice is empty.
      1. VTUpMod
    1. COno one wants to help me :(
      singulars
      1. POSecuring http headers
      1. USMahajan344
    2. COHad a look at this ? http://www.4guysfromrolla.com/articles/120209-1.aspx "In a nutshell, you need to create an HTTP Module that creates an event handler for the PreSendRequestHeaders event."
      singulars
      1. POSecuring http headers
      1. USjbl
 

Querying!

 
Guidance
A row detail

Detail views are divided into sections. All the information in the data section comes from columns in the selected row. The other sections display data from other, related rows.

Related data can be related in a to-one or a to-many fashion. Captions of data related in a to-many fashion link to a list view showing a filtered view of the table.

Try moving around until you find a non-empty to-many entry and click on the label to get to one. You can move back to the root by clicking on the database name in the header.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload