Learn F5 Technologies, Get Answers & Share Community Solutions Join DevCentral

Filter by:
  • Solution
  • Technology
Answers

Modify Server string in HTTP response header

I want to secure a few applications by not showing the technical details of the servers in the HTTP response header. Easy task, I thought.

I created a HTTP profile, changed the Server Agent Name to a random string and applied it to the VS. But the HTTP response header still look like this:

$ curl -I http://10.1.10.20                                                                                        Fri Aug 10 13:58:47 2018
HTTP/1.1 200 OK
Date: Fri, 10 Aug 2018 11:22:20 GMT
Server: Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.12 OpenSSL/1.0.1f
X-Powered-By: PHP/5.5.9-1ubuntu4.12
Connection: close
Content-Type: text/html

This is the http profile:

ltm profile http /Common/http_custom {
    app-service none
    defaults-from /Common/http
    insert-xforwarded-for enabled
    proxy-type reverse
    server-agent-name CookieMonsterServer
}

According to this manual: "When you create an HTTP profile, you can specify the string used as the server name in traffic generated by the BIG-IP system. The default value is BigIP."

Here is the VS:

ltm virtual /Common/p80.vs {
    destination /Common/10.1.10.20:80
    ip-protocol tcp
    mask 255.255.255.255
    pool /Common/p80.pool
    profiles {
        /Common/http_custom { }
        /Common/tcp { }
    }
    source 0.0.0.0/0
    source-address-translation {
        type automap
    }
    translate-address enabled
    translate-port enabled
}

BIGIP VE 13.1.1. What am I missing?

0
Rate this Question

Answers to this Question

placeholder+image
USER ACCEPTED ANSWER & F5 ACCEPTED ANSWER

Hi,

This feature will just replace the Server header for F5 generated replies.

You can strip the header server using an irule :

when HTTP_RESPONSE {
    HTTP::header remove Server
}
0
Comments on this Answer
Comment made 2 months ago by ecce 180

Exactly. But is replaces nothing. Thats my problem.

0