Skip to Main Content
Feature Request FR-4140
Product Area Security
Status CLOSED

1 Voters

Hide Server banner information

srinivas.kikkuru Public
· Dec 9 2024

Idea Summary
Web server reveals its software name and other details in its HTTP headers. Which may be a potential threat at security side.

Use Case
Input Validation issues. Impact • Information Gathering: It aids attackers in the reconnaissance phase, allowing them to gather detailed information about the server and its configuration. • Attackers can use the disclosed information to launch targeted attacks against known vulnerabilities in the specific server version. potentially leading to unauthorized access, data breaches, or service disruptions.

Preferred Solution (Optional)
Hide Server Banners: Configure the web server to hide or minimize the information disclosed in the server headers

We reviewed this idea carefully and came to the conclusion that it does not constitute an appropriate APEX feature request.

Comments

Comments

  • vincent morneau Admin OP 4 weeks ago

    Hi @srinivas.kikkuru ,

    We discussed this idea today and came to the conclusion that this is a web tier level concern, not APEX.