Forum Discussion

Nimbostratus

Mar 03, 2020

Web Server HTTP Header Internal IP Disclosure

One of my virtual servers returns the vulnerability Web Server HTTP Header Internal IP Disclosure during a Nessus scan. Security is asking me to fix this but I am not sure how. I tried creating a tra...

Nimbostratus

Mar 03, 2020

I am using an encrypted cookie. I also tried removing the server agent name from the http profile. Nessus still detects the location IP.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Web Server HTTP Header Internal IP Disclosure

Security Best Practices for F5 Products

F5 AppWorld 2026 Registration - early bird pricing.

Kostas Injeyan - October 2025 Featured Member

Recent Discussions

Cannot ping external interface

Disastser Recovery

F5 breaking Exchange authentication

Dump all host running services during APM logon

External Data Group Import Failing.

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

2 internal server vlans

Mitigate OWASP LLM Security Risk: Sensitive Information Disclosure Using F5 NGINX App Protect

F5 BIG-IP Cookie Remote Information Disclosure (20089)

F5 Releases Out of Band Disclosure in Conjunction With Rapid7

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS