Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)

Reference

Plugin Id: 10037 | CWE: 200 (Exposure of Sensitive Information to an Unauthorized Actor)

Remediation

To remediate this finding, remove the “X-Powered-By” HTTP response header(s) or replace their value with something that reveals nothing about the stack. The header is normally added by the application runtime or framework (for example PHP, ASP.NET or Express) rather than by the web server itself, so the fix may belong in that component's configuration, in the web server configuration that strips the header on the way out, or in both. This can be done by following these steps:

  1. Identify where the header comes from: request the site (e.g. with curl -I) and note every “X-Powered-By” value. A value such as a PHP version string points at the PHP runtime, “ASP.NET” at IIS/ASP.NET, “Express” at a Node.js application. Then locate the configuration of that component and of the front-end server (Apache, Nginx, IIS) that can strip the header.

  2. Remove or rewrite the header: the specific steps depend on the server software and the component that emits the header. Where the framework itself sets it, turn it off at the source as well (PHP: expose_php = Off in php.ini; Express: app.disable('x-powered-by')).

    • For Apache, note that the ServerTokens directive only shortens the “Server” header and has no effect on “X-Powered-By”. Use mod_headers in the main configuration file (e.g. httpd.conf) or the virtual host configuration to strip the header from every response, including error responses:
      Header always unset X-Powered-By
      

      The always condition matters: without it the header is removed only from successful responses and still leaks on error pages.

    • For Nginx, note that server_tokens off; only removes the version from the “Server” header and does not touch headers produced by an upstream application. Hide the header from proxied or FastCGI backends in the server or location block, using the directive that matches how the backend is connected:
      proxy_hide_header X-Powered-By;
      fastcgi_hide_header X-Powered-By;
      

      Both are shown so the header is hidden whichever path the request takes.

    • For IIS, open the Internet Information Services (IIS) Manager, select the server or site node, and open the “HTTP Response Headers” feature. Remove the “X-Powered-By” header from the list of headers. The equivalent in web.config is a <remove name="X-Powered-By" /> element under <system.webServer><httpProtocol><customHeaders>.
  3. Restart or reload the server: after making the necessary changes, reload/restart the web/application server (and the PHP or application process if its configuration changed) to apply the new configuration, then request the site again and confirm the header is gone from both normal and error responses.
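A check for the last step, added here as an example and not part of the scanner plugin or of any server's own code. It starts two throwaway local HTTP servers, one answering the way an unhardened Apache+PHP stack does by default and one with the header stripped, and runs the same check against both. The host, the header values and the extra headers it also flags (a versioned “Server” header and the ASP.NET version headers, which the page does not mention) are assumptions made for the demo; point fetch_headers() at a real host and port to check a deployment.

```python
"""Verify the remediation: does an endpoint still emit technology-fingerprinting headers?

Added example, not part of the scanner plugin or of any server's own code.
Host, ports and header values below are constructed for the demo.
"""
import http.client
import re
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

# Headers flagged whenever present: their only purpose is to advertise the stack.
ALWAYS_FLAG = {"x-powered-by", "x-aspnet-version", "x-aspnetmvc-version"}
# "Server" is flagged only when it carries a version number ("Apache/2.4.57"),
# since "Server: Apache" (what ServerTokens Prod leaves behind) discloses little.
VERSION_RE = re.compile(r"\d+\.\d+")

# Constructed header sets standing in for a deployment before and after the fix.
LEAKY = [("Server", "Apache/2.4.57 (Ubuntu)"), ("X-Powered-By", "PHP/8.1.2")]
HARDENED = [("Server", "Apache")]


def leaked_headers(headers):
    """Return {lower-cased name: value} for each fingerprinting header found.

    `headers` is an iterable of (name, value) pairs such as
    http.client.HTTPResponse.getheaders() returns. Field names are compared
    case-insensitively, and repeated fields are joined so that a second
    X-Powered-By (e.g. one from PHP and one from the framework) is not lost.
    """
    found = {}
    for name, value in headers:
        key = name.lower()
        if key in ALWAYS_FLAG or (key == "server" and VERSION_RE.search(value)):
            found[key] = value if key not in found else found[key] + ", " + value
    return found


def fetch_headers(host, port, path="/"):
    """GET `path` over plain HTTP and return the response headers as (name, value) pairs."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        resp.read()  # drain the body so the connection closes cleanly
        return resp.getheaders()
    finally:
        conn.close()


class _Handler(BaseHTTPRequestHandler):
    """Minimal server whose response headers come from server.response_headers."""

    def send_response(self, code, message=None):
        # Emit only the status line: the stock implementation would add its own
        # "Server: BaseHTTP/..." header and spoil the comparison.
        self.send_response_only(code, message)

    def do_GET(self):
        body = b"ok"
        self.send_response(200)
        for name, value in self.server.response_headers:
            self.send_header(name, value)
        self.send_header("Content-Type", "text/plain")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def log_message(self, format, *args):
        pass  # keep the demo quiet


def check_local(response_headers):
    """Serve the given headers on an ephemeral port, fetch /, and return what leaks."""
    server = HTTPServer(("127.0.0.1", 0), _Handler)
    server.response_headers = response_headers
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        host, port = server.server_address
        return leaked_headers(fetch_headers(host, port))
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    for label, hdrs in (("before fix", LEAKY), ("after fix", HARDENED)):
        print(f"{label}: {check_local(hdrs) or 'no fingerprinting headers'}")
```

Run it against an error path as well as “/” when checking a real server: the Apache and Nginx directives above differ in whether they cover error responses, and a check that only requests the home page will miss that.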

About

The finding is raised when the web/application server includes one or more “X-Powered-By” HTTP response headers in its responses. The header names the runtime or framework behind the application, usually with its version (for example the PHP version in use, or “ASP.NET”), which is exactly what an attacker needs to narrow a search for known vulnerabilities to the components actually deployed and to choose a matching exploit or scanner profile.

Risks

The risks associated with this finding include:

  • Information disclosure: the “X-Powered-By” header(s) reveal the frameworks/components behind the application and often their versions. This lets an attacker match the deployment against public vulnerability databases without any further probing.

  • Easier target selection: the header does not add a vulnerability by itself, but it removes the guesswork from reconnaissance. Attackers can focus their efforts on known vulnerabilities in the disclosed components and versions instead of fingerprinting the stack first.

  • Lack of control over information exposure: without deliberate configuration, the runtime or server emits the header by default, so the leak is unintentional and easy to overlook. It can contribute to a loss of confidentiality and may conflict with hardening baselines or compliance requirements that prohibit version disclosure.

Address this finding by removing or modifying the “X-Powered-By” header(s) to minimize information disclosure. Suppressing the header is hygiene, not a substitute for patching: the disclosed components still need to be kept up to date, since version information can also be inferred from other behaviour.