在ASP.Net和IIS中删除不必要的HTTP响应头,IIS响应头敏感信息(Server/X-AspNet-Version等)过滤

 

global.asax.cs文件添加如下代码

        /// <summary>
        /// 移除http相应头
        /// </summary>
        protected void Application_PreSendRequestHeaders()
        {
            Response.Headers.Remove("Server");
            Response.Headers.Remove("X-AspNet-Version");
            Response.Headers.Remove("X-AspNetMvc-Version");
        }
        protected void Application_Start()
        {
            MvcHandler.DisableMvcResponseHeader = true;//移除X-AspNetMvc-Version HTTP头
        }

 

webconfig添加下面配置去掉X-Powered-By

        <httpProtocol>
            <customHeaders>
                <remove name="X-Powered-By" />
            </customHeaders>
        </httpProtocol>

 

posted @ 2020-09-15 16:05  apegu  阅读(1149)  评论(0编辑  收藏  举报