By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

How to prevent "awselb/2.0" server information exposure in HTTP response header?

0

How to prevent "awselb/2.0" server information exposure in HTTP response header?

Enter image description here

Please provide a solution to the official exposure of "awselb/2.0" to the server response header on AWS.

Example) Option to remove http response header

  • Max Clements EXPERT
    2 months ago

    Also, consider opening a support case, and express your use-case why you want to be able to override this header.

Tags
Network Security
Language
English
iwnoh
asked 2 months ago493 views
1 Answer
2

Hi,

According to other re:post answers, It is not possible to configure the ELB to do not expose that header.

However, as a workaround, you can override the value using CloudFront edge functions.

profile picture
EXPERT
Mikel Del Tio
answered 2 months ago
profile picture
EXPERT
Oleksii Bebych
reviewed 2 months ago
profile picture
EXPERT
Sedat Salman
reviewed 2 months ago
profile picture
EXPERT
Riku_Kobayashi
reviewed 2 months ago
  • Gary Mclean EXPERT
    2 months ago

    Note even when using. Cloudfront the alb will have to be public still(internet facing). Even if you could mask the server header the IP addresses are registered with AWS

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content