Hi,
I have a requirement to mask the server HTTP header. This is working for the application by using a rewrite rule in the application web.config file.
However, the application also has an inbound rule doing HTTP to HTTPS redirection. When this rule gets used, the header on the redirection doesn't have the server header masked.
Here is an example:
<rewrite xdt:Transform="Insert">
<rules>
<rule name="HTTPS rewrite behind load balancer" stopProcessing="true">
<match url="^$" />
<conditions>
<add input="{HTTP_X_FORWARDED_PROTO}" pattern="^http$" ignoreCase="false" />
</conditions>
<action type="Redirect" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
</rules>
<outboundRules rewriteBeforeCache="true">
<rule name="Remove Server header">
<match serverVariable="RESPONSE_Server" pattern=".+" />
<action type="Rewrite" value="" />
</rule>
</outboundRules>
</rewrite>
Any suggestions?
Thanks,
Andrew.