Ao usar o AWS re:Post, você concorda com os AWS re:Post Termos de uso
AWS re:Postre:Post

How to prevent "awselb/2.0" server information exposure in HTTP response header?

0

How to prevent "awselb/2.0" server information exposure in HTTP response header?

Enter image description here

Please provide a solution to the official exposure of "awselb/2.0" to the server response header on AWS.

Example) Option to remove http response header

  • Max Clements ESPECIALISTA
    há 2 meses

    Also, consider opening a support case, and express your use-case why you want to be able to override this header.

Tags
Segurança de rede
Idioma
English
iwnoh
feita há 2 meses578 visualizações
2 Respostas
2

Hi,

According to other re:post answers, It is not possible to configure the ELB to do not expose that header.

However, as a workaround, you can override the value using CloudFront edge functions.

profile picture
ESPECIALISTA
Mikel Del Tio
respondido há 2 meses
profile picture
ESPECIALISTA
Oleksii Bebych
avaliado há 2 meses
profile picture
ESPECIALISTA
Sedat Salman
avaliado há 2 meses
profile picture
ESPECIALISTA
Riku_Kobayashi
avaliado há 2 meses
  • Gary Mclean ESPECIALISTA
    há 2 meses

    Note even when using. Cloudfront the alb will have to be public still(internet facing). Even if you could mask the server header the IP addresses are registered with AWS

0

It is not possible to hide this header directly on Application Load Balancer. Use Amazon CloudFront's Response Headers Policies instead. Please see my response to a similar question on re:Post, on How to prevent "awselb/2.0" server information exposure in HTTP response header.

AWS
Piotrek
respondido há 13 dias

Você não está conectado. Fazer login para postar uma resposta.

Uma boa resposta responde claramente à pergunta, dá feedback construtivo e incentiva o crescimento profissional de quem perguntou.

Diretrizes para responder a perguntas

Conteúdo relevante