Loading ...

Removing "Server" "X-AspNet-Version" HTTP Headers in ASP.NET | CodeAsp.Net

Removing "Server" "X-AspNet-Version" HTTP Headers in ASP.NET

 /5
0 (0votes)

Whenever a browser makes an HTTP request to a web server, the webserver sends the response along several HTTP headers. SOme of them are necessary and tehre are few others like "Server" "X-AspNet-Version" which can be removed as they can pose a security risk. Here is the screenshot of Response Header for a nomal request to IIS server:

Now these  "Server" "X-AspNet-Version" and "X-Powered-By headers in the response can be simply removed by adding the following code in Global.asax

        protected void Application_PreSendRequestHeaders()
        {
            Response.Headers.Remove("Server");
            Response.Headers.Remove("X-AspNet-Version");
        }

After adding that code in which I have remoived the mentioned headers from response here is the screnshot how the response header looks like:

Comments (no comments yet)

Top Posts