Tuesday, February 26, 2019
Removing some HTTP response headers
In the web.config of ASP.NET website project:
1. Add the following line to remove the X-AspNet-Version header.
<system.web>
<httpRuntime enableVersionHeader="false"/>
</system.web>
2. Removing X-Powered-By header.
<system.webServer>
<httpProtocol>
<customHeaders>
<remove name="X-Powered-By" />
</customHeaders>
</httpProtocol>
</system.webServer>
3. Removing Server header which you may do it in the global.asax
void Application_BeginRequest(object sender, EventArgs e)
{
var application = sender as HttpApplication;
if (application != null && application.Context != null)
{
application.Context.Response.Headers.Remove("Server");
}
}
To change the default cookie name in ASP.Net
<sessionState cookieName="mySessID" />
Subscribe to:
Posts (Atom)