Difference between revisions of "IIS"

From Max's Wiki
Jump to navigation Jump to search
 
Line 3: Line 3:
  
 
==HTTP Header==
 
==HTTP Header==
- To modify header is not only related to App
+
#To modify header is not only related to App
- Server name is not exposer “Microsoft-HTTPAPI/2.0”.  
+
#Server name is not exposer “Microsoft-HTTPAPI/2.0”.  
- Pre-auth was done in the test.
+
#Pre-auth was done in the test.
- The explanation is: If the response's Server header returns Microsoft-HttpApi/2.0, it means that the HTTP.sys is being called, not IIS.  
+
#The explanation is: If the response's Server header returns Microsoft-HttpApi/2.0, it means that the HTTP.sys is being called, not IIS.  
- Navigate HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\ If DisableServerHeader doesn't exist, create it (DWORD 32bit) and give it a value of 2. If it does exist, and the value isn't 2, set it to 2  
+
#Navigate HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\ If DisableServerHeader doesn't exist, create it (DWORD 32bit) and give it a value of 2. If it does exist, and the value isn't 2, set it to 2  
- Who's that the answer is the ADFS.  
+
#Who's that the answer is the ADFS.  
- Registry entry has to be done on the ADFS.
+
#Registry entry has to be done on the ADFS.
- It will affect everything  
+
#It will affect everything  
- It is not IIS hence it does not have to be done on the WAP (reverse proxy)
+
#It is not IIS hence it does not have to be done on the WAP (reverse proxy)
- ADFS has to be updated on the registry.
+
#ADFS has to be updated on the registry.
- to whom response, it can be done.
+
#to whom response, it can be done.
 +
 
 +
Resources: https://blogs.msdn.microsoft.com/dsnotes/2017/12/18/wswcf-remove-server-header/

Latest revision as of 00:19, 11 February 2019

Restart IIS

Click Start, click Run type IISReset, and then click OK.

HTTP Header

  1. To modify header is not only related to App
  2. Server name is not exposer “Microsoft-HTTPAPI/2.0”.
  3. Pre-auth was done in the test.
  4. The explanation is: If the response's Server header returns Microsoft-HttpApi/2.0, it means that the HTTP.sys is being called, not IIS.
  5. Navigate HKLM\SYSTEM\CurrentControlSet\Services\HTTP\Parameters\ If DisableServerHeader doesn't exist, create it (DWORD 32bit) and give it a value of 2. If it does exist, and the value isn't 2, set it to 2
  6. Who's that the answer is the ADFS.
  7. Registry entry has to be done on the ADFS.
  8. It will affect everything
  9. It is not IIS hence it does not have to be done on the WAP (reverse proxy)
  10. ADFS has to be updated on the registry.
  11. to whom response, it can be done.

Resources: https://blogs.msdn.microsoft.com/dsnotes/2017/12/18/wswcf-remove-server-header/

Retrieved from "http://manaiakalani.info/wiki/index.php?title=IIS&oldid=10106"