cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How do I remove HTTP header showing "Microsoft-IIS/10.0"?

JaxPlanet
Brass Contributor

‎May 16 2023 08:25 AM

‎May 16 2023 08:25 AM

How do I remove HTTP header showing "Microsoft-IIS/10.0"?

PCI scanning has reported Exchange server is exposing its product name.  This is a new requirement as it has never been flagged before.

 

This can be verified by going to the OWA website, opening browser development tools, and looking at the Network section where it reports "server: Microsoft-IIS/10.0".

 

Either the value or the entire entry needs to be removed to pass PCI scanning.

How do I make this change?

Thank you in advance!

Labels:
1,535 Views
0 Likes
1 Reply
Reply
1 Reply
JaxPlanet

‎Sep 06 2023 09:08 AM

‎Sep 06 2023 09:08 AM

Re: How do I remove HTTP header showing "Microsoft-IIS/10.0"?

The scanning provider removed this item from their scans.  Apparently, it either can't be resolved or they decided it does not represent a vulnerability.

1 Like
Reply