← Older revision
Revision as of 16:58, 26 June 2013
(7 intermediate revisions by one user not shown)
Line 24:
Line 24:
{| class="wikitable" style="text-align: center; "
{| class="wikitable" style="text-align: center; "
+
|+ '''[http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.38 Server HTTP header] metadata collected'''
|'''Server HTTP header'''
|'''Server HTTP header'''
|'''Description'''
|'''Description'''
Line 83:
Line 84:
|Web server using [http://www.litespeedtech.com/docs/webserver/intro/ LiteSpeed technology] (Apache based)
|Web server using [http://www.litespeedtech.com/docs/webserver/intro/ LiteSpeed technology] (Apache based)
|[http://www.litespeedtech.com/support/forum/showthread.php?t=4893 How to hide version]
|[http://www.litespeedtech.com/support/forum/showthread.php?t=4893 How to hide version]
+
|-
+
|Alterian-CME/X.X
+
|Web server using [http://www.sdl.com/products/acm/ SDL ACM]
+
|[http://www.sdl.com/aboutus/news/pressreleases/2012/sdl_acquires_alterian.html SDL acquires Alterian]
+
|-
+
|Tengine
+
|Web server using [http://tengine.taobao.org/index.html Tengine technology] (nginx based)
+
|Need more information
+
|-
+
|eZ Publish
+
|Web server using [http://ez.no/ EZ technology]
+
|[http://es.wikipedia.org/wiki/EZ_Publish Open Source CMS]
+
|-
+
|GSE
+
|Web server using [https://code.google.com/p/opengse/ Google infrastructure] (blogger)
+
|Need more information
+
|-
+
|gws
+
|Web server using [http://en.wikipedia.org/wiki/Google_Web_Server#Software Google infrastructure] (search pages)
+
|Need more information
+
|-
+
|sffe
+
|Web server using [http://en.wikipedia.org/wiki/Google_Web_Server#Software Google infrastructure] (static files)
+
|Need more information
+
|-
+
|tfe
+
|Web server using [http://www.twitter.com/ Twitter infrastructure]
+
|Need more information
+
|-
+
|YTS
+
|Web server using [http://www.yahoo.com/ Yahoo! infrastructure]
+
|Need more information
+
|-
+
|cloudflare-nginx
+
|Web server using [https://www.cloudflare.com/ CloudFlare infrastructure]
+
|Need more information
|}
|}
{| class="wikitable" style="text-align: center; "
{| class="wikitable" style="text-align: center; "
+
|+ '''[http://en.wikipedia.org/wiki/List_of_HTTP_header_fields Powered-by HTTP header] metadata collected (this header isn't an HTTP standard)'''
|'''Powered-by HTTP header'''
|'''Powered-by HTTP header'''
|'''Description'''
|'''Description'''
|'''More information'''
|'''More information'''
|-
|-
−
|
Apache
/
X
.
X
+
|
PHP
/
x
.
x
−
|Web server using [http://
www
.
apache.org
/
Apache
]
technology
+
|Web server using [http://
php
.
net
/
PHP technology
]
−
|[http://
news
.
netcraft.com
/
archives
/
category
/
web
-
server-survey/ Technology lider in Internet
]
+
|[http://
php
.
net
/
manual
/
en
/
function.header
-
remove.php How to remove header
]
|-
|-
−
|Microsoft-
IIS
/X
+
|
ASP.NET
−
|Web server using [http://www.iis.net/
Microsoft
IIS technology]
+
|Web server using [http://www.asp.net/
Microsoft
ASP technology]
−
|[http://blogs.
technet
.
com/b
/
stefan_gossner
/archive/
2008
/
03
/
12
/
iis
-
7
-
how
-
to
-
send
-
a
-
custom
-
server
-
http
-
header
.aspx
How to modify this
header]
+
|[http://www.iis.net/configreference/system.webserver/httpprotocol/customheaders Custom headers]
+
|
-
+
|Servlet
/
X.X JSP/X.X
+
|Web server using [http://tomcat.apache.org/ Tomcat application server]
+
|[https://issues.apache.org/bugzilla/show_bug.cgi?id=48006 Header implementation]
+
|-
+
|Plesklin
+
|Web server using [http://www.parallels.com/es/products/plesk/addons/ Parallels technology]
+
|[http://forum.parallels.com/showthread.php?260694-Disable-HTTP-header-X-Powered-By-PleskLin How to disable header]
+
|-
+
|(mod_rails/mod_rack)
+
|Web server using [http://rubyonrails.org/ Ruby on Rails technology]
+
|[http://en.wikipedia.org/wiki/Phusion_Passenger Phusion Passenger]
+
|-
+
|ARR/X.
X
+
|Web server using [http://www.iis.net/
downloads/microsoft/application-request-routing
IIS
with request routing
technology]
+
|[http://blogs.
iis
.
net
/
finbarryan
/archive/
2013
/
06
/
05
/
application
-
request
-
routing
-
and
-
server
-
headers
-
quot
-
x
-
powered
-
by-arr-2-5-quot
.aspx
More
header
information
]
|}
|}
{| class="wikitable" style="text-align: center; "
{| class="wikitable" style="text-align: center; "
+
|+ '''HTML metadata collected which could allow [https://www.owasp.org/index.php/OWASP_Periodic_Table_of_Vulnerabilities_-_Fingerprinting fingerprinting] '''
|'''HTML metadata'''
|'''HTML metadata'''
|'''Description'''
|'''Description'''