Visitors Edition
Membership Help?
Need help? Our Trial Membership program will get you help on any IT project you're working on. You'll get access to our research, tools, advice and project help.
Start your free trial membership now:
Want to learn more about our membership options, pricing, or to get a product demo? Get in touch with one of our reps using an option below.
Trial Member Registration
Learn more About Info-Tech
Click to Chat
  • 6
(Personalize the message)

Email 1:


Email 2:


Email 3:


Email 4:


Email 5:


Hinder Web Server Attacks: Mask HTTP Headers

More Details
Access this Note FREE by giving us your email address.

When you register you will also receive:
  • A Free Trial Membership which provides additional free research and help on your projects
  • Access to survey data, contribute to our research, community involvement and much more

Common Web server attacks begin with a port scan, a type of reconnaissance to map gateways into the enterprise's servers. One information-gathering tactic is to ask the Web server to send a page. From the resulting HTTP header, the attacker identifies the Web server software and version. Alter or mask Web server HTTP headers to reduce the threat footprint.

Hide the Lock

On publicly facing Web servers, the name and version number of the Web server software is important security information that should be kept safe. However, most Web servers automatically reveal the name of the software package and the version identity. Essentially, these Web servers advertise what type of lock is on the door.


Already a member?
Please Login

Related Content

  1. SSL VPN Vendor Shortlist Tool
  2. Vendor Landscape: Secure Socket Layer Virtual Private Network
  3. WatchGuard, SonicWALL and Barracuda are Champions in the Secure Socket Layer Virtual Private Network Market
  4. A Checklist for PCI Compliance
  5. A Closer Look at Software Patching Practices

Tags

security, apache, IIS, Internet Information Services, Port80 Software, F5 Networks, ServerMask, HTTP header, Web server, Array Networks