From the course: ASP.NET: Security
Join today to access over 24,700 courses taught by industry experts.
Hiding more server information
From the course: ASP.NET: Security
Hiding more server information
- [Instructor] The browser developer tools tell us which http headers with revealing information are sent and version number, the asp.net version number, even the MVC version number, and well, that we are using asp.net. Not all of them are super critical, but let's get rid We start in web.config and as you have seen on the slides there are a few settings which we can do here, First of all we set the http protocol settings to add and to remove unwanted headers and wanted headers of course. So let's start with removing the x-powered-by http header because we do not want that one and we can only remove it here. If you want the application to be hosted on Azure eventually you have to add the x-liveupgrade header and set it to zero otherwise some of our settings And then we have to add the security node and it might look a little bit different on your system but on most systems the following will happen, so we defend a security…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
(Locked)
Introduction27s
-
(Locked)
Securing cookies6m 11s
-
(Locked)
Securing sessions6m 7s
-
Setting cookie attributes in the app1m 37s
-
(Locked)
Enforcing HTTPS3m 12s
-
(Locked)
Error handling4m 6s
-
(Locked)
Hiding server information2m 50s
-
(Locked)
Hiding more server information3m 34s
-
(Locked)
Security HTTP headers4m 15s
-
(Locked)
-