Forum Discussion

Nimbostratus

Mar 03, 2020

Web Server HTTP Header Internal IP Disclosure

One of my virtual servers returns the vulnerability Web Server HTTP Header Internal IP Disclosure during a Nessus scan. Security is asking me to fix this but I am not sure how. I tried creating a tra...

Nimbostratus

Mar 03, 2020

I am using an encrypted cookie. I also tried removing the server agent name from the http profile. Nessus still detects the location IP.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

Web Server HTTP Header Internal IP Disclosure

F5 Academy at AppWorld 2026

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

How can I get started with iCall

Connection Rest f5

Kubernetes cert-manager + LetsEncrypt + F5

The GSLB pool is providing an incorrect IP to end users

Unable to ping from some self ip on Velos

Related Content

Coordinated Vulnerability Disclosure: A Balanced Approach

2 internal server vlans

Mitigate OWASP LLM Security Risk: Sensitive Information Disclosure Using F5 NGINX App Protect

F5 BIG-IP Cookie Remote Information Disclosure (20089)

F5 Releases Out of Band Disclosure in Conjunction With Rapid7

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS