When an HTTP request is made to a web server (like IIS), HTTP headers are transferred from the Browser to the webserver and vice-versa. The HTTP Headers sent by IIS to the browser gives information like how to render the content or gives information about the web server software, version etc.
One such HTTP Headers is the X-Powered-By and X-AspNet-Version which tells the browser that the site is powered by ASP.NET and the ASP.NET version that is used by the web server. Here’s a screenshot that shows the Response Headers using FireBug. You can clearly see both the headers, which shows that my IIS is powered by ASP.NET and its version is 4.0.30319
Remove X-AspNet-Version HTTP Header
If for some reason (like saving bytes in high traffic sites), you want to prevent this Header from being sent to the browser, use the following configuration in your web.config file
Here we are setting the enableVersionHeader property to false in the <httpRuntime> tag
Remove X-Powered-By HTTP Header
In order to remove the X-Powered-By HTTP Header, browse to the site in IIS 7 Manager and locate ‘HTTP Response Headers’
Double click ‘HTTP Response Headers’ and click on Remove.
Now when you request the same site again, you will find that both the HTTP Headers X-Powered-By and X-AspNet-Version are no more sent by IIS to the browser
Giving me +1 tells me you liked this article! Thanks in advance
Did you like this post?
|Save on Delicious|
|subscribe via rss||subscribe via e-mail|
|print this post||follow me on twitter|