Ping a Specific Port

Question

sharptooth

Asked: 2012-06-05 04:53:36 +0800 CST2012-06-05 04:53:36 +0800 CST 2012-06-05 04:53:36 +0800 CST

What's the use of X-Powered-By, Server and other similar HTTP headers?

772

What's the use of Server, X-Powered-By and other similar headers? Looks like the consensus is they should be removed so that automatic vulnerability scanners doen't immediately know which version of which software they're dealing with and so automatic vulnerability discovery gets harder.

Are there scenarios where it is indeed useful to let all the world know that the site is running on IIS 7 and is X-Powered-By ASP.NET version 4?

1 Answers

Voted

Chris S · Answer 1 · 2012-06-05T05:23:49+08:00

Best Answer

Chris S

2012-06-05T05:23:49+08:002012-06-05T05:23:49+08:00

It might be useful to developers or Power User clients; but is certainly more commonly useful to hackers and their like. I would leave them on while developing a site, and perhaps upon initial release; but not in the long run. Clients care about content, not headers.

20

What's the use of X-Powered-By, Server and other similar HTTP headers?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?