Forum Discussion
APM Returning "Big IP" in Server field, but need to hide that information.
I have one of my customers running through APM for some SAML authentication. One of their concerns is that when inspecting some headers the Server field is populated with "Big IP", while the customer would prefer another layer of security through obfuscation.
It appears that the "Server: Big IP" field is being populated after the 302 redirect from APM when /my.policy is served.
Is it possible to hide this field?
Due to it being in APM I believe I will need this statement:
when CLIENT_ACCEPTED {
to get access to restricted URIs
ACCESS::restrict_irule_events disable
}
However, in the irule, is there a way to tell the BigIP to return a different, or no, value in the Server field?
Is there a way to do it in the HTTP profile maybe?
Thanks.
- gdoyleCirrostratus
Resolved this issue by creating a custom HTTP profile and editing the "Server Agent Name" field to a unique value.
Recent Discussions
Related Content
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com