Forum Discussion

mo_ibrahim_3636

Nimbostratus

Jun 07, 2018

ASM detection

how do i prevent to detect the web server operating system and platform ?

Cumulonimbus

Hi,

you can use an irule to remove unwanted header:

when HTTP_RESPONSE { 

    Remove all instances of the Server header 
   HTTP::header remove Server 

    Remove all headers starting with x- 
   foreach header_name [HTTP::header names] { 

      if {[string match -nocase x-* $header_name]}{ 

         HTTP::header remove $header_name 
      }
   }
}

In all case you will need to know what's header you want to remove, Once you know what it is they're looking for you could then obfuscate those header or removes it as above...

Regards

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

ASM detection

Recent Discussions

How to export a list of paired external service providers from APM?

How to Renew F5 Device Certificate

BIG IP LTM - Multiple application on single VIP with multiple ports allowed.

Service discovery is not happening in AS3

Statistics ›› Analytics : HTTP : Overview

Related Content

F5 Distributed Cloud JA4 detection for enhanced performance and detection

JA4 Part 2: Detecting and Mitigating Based on Dynamic JA4 Reputation

SSL Orchestrator Advanced Use Cases: Detecting Generative AI

Bidirectional Forwarding Detection (BFD) Protocol Cheat Sheet

Operationlizing Online Fraud Detection, Prevention, and Response

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS