Skip to content
DataMiner DoJo

More results...

Generic selectors
Exact matches only
Search in title
Search in content
Post Type Selectors
Search in posts
Search in pages
Search in posts
Search in pages
Log in
Menu
  • Updates & Insights
  • Questions
  • Learning
    • E-learning Courses
    • Empower Replay: Limited Edition
    • Tutorials
    • Open Classroom Training
    • Certification
      • DataMiner Fundamentals
      • DataMiner Configurator
      • DataMiner Automation
      • Scripts & Connectors Developer: HTTP Basics
      • Scripts & Connectors Developer: SNMP Basics
      • Visual Overview – Level 1
      • Verify a certificate
    • Video Library
    • Books We Like
    • >> Go to DataMiner Docs
  • Expert Center
    • Solutions & Use Cases
      • Solutions
      • Use Case Library
    • Markets & Industries
      • Media production
      • Government & defense
      • Content distribution
      • Service providers
      • Partners
      • OSS/BSS
    • Agile
      • Agile Webspace
      • Everything Agile
        • The Agile Manifesto
        • Best Practices
        • Retro Recipes
      • Methodologies
        • The Scrum Framework
        • Kanban
        • Extreme Programming
      • Roles
        • The Product Owner
        • The Agile Coach
        • The Quality & UX Coach (QX)
    • DataMiner DevOps Professional Program
      • About the DevOps Program
      • DataMiner DevOps Support
  • Downloads
  • More
    • DataMiner Releases & Updates
    • Feature Suggestions
    • Climb the leaderboard!
    • Swag Shop
    • Contact
    • Global Feedback Survey
  • PARTNERS
    • All Partners
    • Technology Partners
    • Strategic Partner Program
    • Deal Registration
  • >> Go to dataminer.services

HTTP access security improvements

Solved2.07K views20th May 2022Cube
3
Piotr Borowski [DevOps Member]550 5th May 2022 2 Comments

Is is possible to:

  • Disable HTTP Server response headers.
  • Disable X-Powered-By response headers.
  • Disabling banners of the services used.
  • Removal of information about the server type / version from the default error pages, eg 404, 403.

This is required for the security reason

Piotr Borowski [DevOps Member] Selected answer as best 20th May 2022
Gellynck Jens [SLC] commented 5th May 2022

Some of the steps will depend on your IIS version, which IIS version are you running? You can find this by executing the following PowerShell command: Get-ItemProperty -Path registry::HKEY_LOCAL_MACHINESOFTWAREMicrosoftInetStp | Select-Object

Piotr Borowski [DevOps Member] commented 6th May 2022

we got IIS 10.0

1 Answer

  • Active
  • Voted
  • Newest
  • Oldest
1
Gellynck Jens [SLC]2.71K Posted 6th May 2022 1 Comment

Hi Piotr,

I was still planning on documenting these steps, so I went ahead and did it now. The procedures are still being reviewed, but you can access them already on our docs GitHub.

Note: for the Server header, IIS does not allow to completely remove it. That’s why we need to create a Rewrite Rule to clear its value. Since IIS 10 there is a removeServerHeader setting, but I’ve tried this on several servers and it does not work. Neither did setting the DisableServerHeader registry key.

To remove the server type/version from the error pages, you could set the customErrors mode on ‘On‘ or ‘RemoteOnly‘ in C:\Skyline DataMiner\Webpages\API\Web.config, but please be aware that this will have an impact on the error handling of the DataMiner Web applications and APIs.

PS: These settings will bring little extra security if your DataMiner system is not HTTPS only. So if you have not configured HTTPS yet, I strongly recommend enabling HTTPS.

Piotr Borowski [DevOps Member] Selected answer as best 20th May 2022
Gellynck Jens [SLC] commented 6th May 2022

Documentation has now been published: https://docs.dataminer.services/user-guide/Advanced_Functionality/Security/Advanced_security_configuration/WebServer_security/HTTP_Headers.html

Please login to be able to comment or post an answer.

My DevOps rank

DevOps Members get more insights on their profile page.

My user earnings

0 Dojo credits

Spend your credits in our swag shop.

0 Reputation points

Boost your reputation, climb the leaderboard.

Promo banner DataMiner DevOps Professiona Program
DataMiner Integration Studio (DIS)
Empower Katas
Privacy Policy • Terms & Conditions • Contact

© 2025 Skyline Communications. All rights reserved.

DOJO Q&A widget

Can't find what you need?

? Explore the Q&A DataMiner Docs