Close

🔰 IIS Security 🔰

 

Add custom HTTP response header in IIS

To add a custom HTTP response header at the web site level in IIS on a Windows Server computer, follow these steps:

  1. Select Start, select Administrative Tools, and then select Internet Information Services (IIS) Manager.
  2. In the connections pane, expand the node for the server, and then expand Sites.
  3. Select the web site where you want to add the custom HTTP response header.
  4. In the web site pane, double-click HTTP Response Headers in the IIS section.
  5. In the actions pane, select Add.
  6. In the Name box, type the custom HTTP header name.
  7. In the Value box, type the custom HTTP header value.
  8. Select OK.

Cache-Control
must-revalidate, pre-check=0, post-check=0, max-age=0, s-maxage=0


Expires
0


options.FormFieldName
AntiforgeryFieldname


options.HeaderName
X-CSRF-TOKEN-HEADERNAME


Pragma
no-cache


Strict-Transport-Security
max-age=31536000; includeSubDomains; preload


X-Content-Type-Options
nosniff


X-Frame-Options
DENY


X-Powered-By
Remove


X-XSS-Protection
1; mode=block


< system.webServer>
	< httpProtocol>
		< customHeaders>
			< remove name="X-Powered-By" />
			< remove name="X-AspNet-Version" />
			< remove name="X-AspNetMvc-Version" />
		< / customHeaders>
	< / httpProtocol>

	< rewrite>
		< outboundRules>
			< rule name="Remove RESPONSE_Server" >
			< match serverVariable="RESPONSE_Server" pattern=".+" />
			< action type="Rewrite" value="EXAMSTEST Server" />
		
		< / outboundRules>
	< / rewrite>
< / system.webServer>

Final view in IIS Manager

 

 

 

0 Comments
Leave a message

Search Current Affairs by date
Other Category List