{"id":1477,"date":"2020-07-28T10:15:03","date_gmt":"2020-07-28T13:15:03","guid":{"rendered":"https:\/\/www.franklinjr.com\/blog\/?p=1477"},"modified":"2020-07-31T08:40:18","modified_gmt":"2020-07-31T11:40:18","slug":"remover-response-headers-do-iis","status":"publish","type":"post","link":"https:\/\/www.franklinjr.com\/blog\/index.php\/2020\/07\/28\/remover-response-headers-do-iis\/","title":{"rendered":"Remover response headers do IIS"},"content":{"rendered":"\n

Seguindo as boas pr\u00e1ticas de seguran\u00e7a, e recomendado esconder alguns cabe\u00e7alhos de retorno http, em que informam vers\u00f5es dos servi\u00e7os oferecidos no servidor, como vers\u00e3o do IIS, do PHP e do ASP.net.<\/p>\n\n\n\n

Para desativar o cabe\u00e7alho do php, altere a tag expose_php <\/strong>no php.ini para Off.<\/p>\n\n\n\n

; Decides whether PHP may expose the fact that it is installed on the server\n; (e.g. by adding its signature to the Web server header).  It is no security\n; threat in any way, but it makes it possible to determine whether you use PHP\n; on your server or not.\n; http:\/\/php.net\/expose-php\nexpose_php = Off\n<\/pre>\n\n\n\n
J\u00e1 para remover o header ‘Server’, \u00e9 poss\u00edvel criar uma regra com o url rewrite, no IIS, alterando o valor do RESPONSE_Server, deixando oculto ou com alguma outra informa\u00e7\u00e3o que desejar. No exemplo abaixo, alterei o valor padr\u00e3o para IIS.<\/p>\n\n\n\n
    \n  \n    \n      \n      \n    <\/rule>\n  <\/outboundRules>\n<\/rewrite><\/pre>\n\n\n\n
Para remover o header ‘X-Powered-By’, que o asp.net deixa por padr\u00e3o, informando que o site oferece suporte ao asp.net, \u00e9 poss\u00edvel fazer direto na interface gr\u00e1fica do IIS, da vers\u00e3o 8 \u00e0 10, clicando no servidor, depois em ‘HTTP response headers’ e removendo o valor X-Powered-By ASP.NET.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
E por fim, para remover a vers\u00e3o do asp.net, tamb\u00e9m \u00e9 poss\u00edvel fazer no IIS, clicando no servidor, depois em ‘configuration editor’, na se\u00e7\u00e3o altere para ‘system.web\/httpRuntime’ e mude o valor da chave enableVersionHeader para False.<\/p>\n\n\n\n
\"\"<\/figure>\n\n\n\n
As dicas foram feitas com base no link abaixo
https:\/\/www.saotn.org\/remove-iis-server-version-http-response-header\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
Seguindo as boas pr\u00e1ticas de seguran\u00e7a, e recomendado esconder alguns cabe\u00e7alhos de retorno http, em que informam vers\u00f5es dos servi\u00e7os oferecidos no servidor, como vers\u00e3o do IIS, do PHP e do ASP.net. Para desativar o cabe\u00e7alho do php, altere a tag expose_php no php.ini para Off. ; Decides whether PHP may expose the fact that […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-1477","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\r\nRemover response headers do IIS - Franklin Jr.<\/title>\r\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\r\n<link rel=\"canonical\" href=\"https:\/\/www.franklinjr.com\/blog\/index.php\/2020\/07\/28\/remover-response-headers-do-iis\/\" \/>\r\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.franklinjr.com\/blog\/index.php\/2020\/07\/28\/remover-response-headers-do-iis\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"In\u00edcio\",\"item\":\"https:\/\/www.franklinjr.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Remover response headers do IIS\"}]}]}<\/script>\r\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Remover response headers do IIS - Franklin Jr.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.franklinjr.com\/blog\/index.php\/2020\/07\/28\/remover-response-headers-do-iis\/","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BreadcrumbList","@id":"https:\/\/www.franklinjr.com\/blog\/index.php\/2020\/07\/28\/remover-response-headers-do-iis\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"In\u00edcio","item":"https:\/\/www.franklinjr.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Remover response headers do IIS"}]}]}},"_links":{"self":[{"href":"https:\/\/www.franklinjr.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1477","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.franklinjr.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.franklinjr.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.franklinjr.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.franklinjr.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1477"}],"version-history":[{"count":5,"href":"https:\/\/www.franklinjr.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1477\/revisions"}],"predecessor-version":[{"id":1495,"href":"https:\/\/www.franklinjr.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1477\/revisions\/1495"}],"wp:attachment":[{"href":"https:\/\/www.franklinjr.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1477"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.franklinjr.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1477"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.franklinjr.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1477"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}