After a penetration test, a finding may report that the server version is exposed in some HTTP responses (the Server response header). This could allow an attacker to mount attacks specific to that server software and version.
This header is not added by KTA or even by IIS. Windows has an HTTP service (the kernel-mode HTTP.sys driver) that handles requests for IIS and other HTTP-enabled services on a Windows machine; it is this HTTP service that adds the Server header to the response.
Preventing this header from being returned by the HTTP service can be achieved using the below steps:
- In the registry of the KTA server, go to HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters
- Create a DWORD called DisableServerHeader if one does not already exist
- Set the value to 1
- Reboot the machine
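The steps above, scripted so they can be applied and then verified, as an added example that is not part of the original article. It assumes an elevated PowerShell session on the KTA server; the URL is a placeholder for a site served by that machine, and the reboot is left to the operator.

```powershell
# Added example (not from the article): apply the DisableServerHeader setting
# described above and check whether a response still carries a Server header.
# Assumptions: run elevated on the KTA server; $Url is a placeholder.
$RegPath   = 'HKLM:\SYSTEM\CurrentControlSet\Services\HTTP\Parameters'
$ValueName = 'DisableServerHeader'

function Set-DisableServerHeader {
    # Creates the DWORD if missing, or corrects it if it holds another value.
    param([int]$Value = 1)   # 1, as the steps above instruct
    if (-not (Test-Path $RegPath)) { throw "Registry path not found: $RegPath" }
    $existing = Get-ItemProperty -Path $RegPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $existing) {
        New-ItemProperty -Path $RegPath -Name $ValueName -PropertyType DWord -Value $Value | Out-Null
        Write-Host "Created $ValueName = $Value"
    } elseif ($existing.$ValueName -ne $Value) {
        Set-ItemProperty -Path $RegPath -Name $ValueName -Value $Value
        Write-Host "Changed $ValueName from $($existing.$ValueName) to $Value"
    } else {
        Write-Host "$ValueName already set to $Value"
    }
    Write-Host 'A reboot is required before HTTP.sys picks up the new value.'
}

function Test-ServerHeader {
    # Returns $true if the response exposes a Server header, $false otherwise.
    # Assumes $Url answers with a 2xx status so Invoke-WebRequest does not throw.
    param([string]$Url)
    $resp = Invoke-WebRequest -Uri $Url -UseBasicParsing
    $serverKey = $resp.Headers.Keys | Where-Object { $_ -ieq 'Server' }
    if ($serverKey) {
        Write-Host "Server header still present: $($resp.Headers[$serverKey])"
        return $true
    }
    Write-Host 'No Server header in response.'
    return $false
}

# Usage: apply the setting, reboot, then run the check against the KTA site.
Set-DisableServerHeader -Value 1
# After reboot:
# Test-ServerHeader -Url 'http://localhost/TotalAgility/'   # placeholder URL
```

Run the check against an error response as well as a normal page, since HTTP.sys generates error responses itself.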
Reference: Remove Unwanted HTTP Responses (https://techcommunity.microsoft.com/...rs/ba-p/369710)