X-Backend-Server Header Information Leak

Type: Passive Scan

Description

The server is leaking information pertaining to backend systems (such as hostnames or IP addresses). Armed with this information an attacker may be able to attack other systems or more directly/efficiently attack those systems.

Solution

Ensure that your web server, application server, load balancer, etc. is configured to suppress X-Backend-Server headers.

Code

Last updated: 2020-04-30 16:12:39.623Z