X-Backend-Server Header Information Leak

Type: Passive Scan


The server is leaking information pertaining to backend systems (such as hostnames or IP addresses). Armed with this information an attacker may be able to attack other systems or more directly/efficiently attack those systems.


Ensure that your web server, application server, load balancer, etc. is configured to suppress X-Backend-Server headers.


Last updated: 2020-04-30 16:12:39.623Z