Hi all,
I don't want the world to know that I'm using IIS and therefore I'd like to masquerade some data for security reasons.
A port scan with nmap gave me this result:
PORT STATE SERVICE VERSION
80/tcp open http Microsoft IIS httpd
How can I suppress the string "Microsoft IIS httpd" (or change it) in IIS 10?
I already set HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\DisableServerHeader to value 2, denied the HTTP verbs OPTIONS and TRACE and rewrote the variable RESPONSE_SERVER in HTTP headers. This helped to remove other exposure, but I have no clue how to remove the string mentioned above.
Any help would be greatly appreciated.
Thanks so much for your efforts in advance.
All the best,
Ben