pf » Howto Disable the Server Header in IIS
Howto Disable the Server Header in IIS
Steven Erat just pointed me to a technote from Macromedia Adobe called: Configuring ColdFusion MX 7 Server Security in the comments of my securing apache config article. In the technote I found that you can disable the Server header on IIS by setting the HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\DisableServerHeader registry entry to 1.
Why is this a good idea? It makes you less of a target for attackers who scan IP ranges for particular servers. It won't actually make your server any more secure.
add to del.icio.usRelated Entries
- Top 20 Internet Security Vulnerabilities of 2005 - November 23, 2005
- Apache mod_rewrite for IIS - March 24, 2005
- Batch Files to Restart Services on Windows - October 9, 2002
http://www.servermask.com
- CFSCRIPT Cheatsheet
- 3 New Image Effects for ColdFusion 8
- Googlebot to Submit Web Forms
- ColdFusion 8 Update 1 Fixes some Image Processing Quirks
- 10 Most Useful Image Functions in ColdFusion 8
- Speaking at NYC CFUG This Week
- Adobe AIR Tutorial for HTML / JavaScript Developers
- INFORMATION_SCHEMA Support in MySQL, PostgreSQL
RSS
Pete Freitag is a software engineer, and web developer located in central new york.
Pete's company Foundeo Inc. builds products for web developers and provides consulting services.
In 2003 Pete published the ColdFusion MX Developers Cookbook with SAMs Publishing.
More about Pete.
