How can I remove "aswelb/2.0" in the HTTP Response Header?

2

Enter image description here

How can I remove that "awselb/2.0" in the HTTP Response Server Header?

asked a year ago11970 views
3 Answers
2

Note AWS team this is being reported by Penetration Testing firms as an information disclosure vulnerability. Request that action is taken to address..

Dave
answered 7 months ago
0

Unfortunately, there is no option to remove the header at this time. If you deploy 3rd Party Solution like F5 WAF, you can cloak server information.

profile pictureAWS
answered a year ago
  • Can we hide or change that awselb/2.0 to other name.

0

It's not customizable at the moment. A workaround would be to front the ALB with CloudFront and use edge functions to override the Server header with none, as briefly illustrated here: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-examples.html#lambda-examples-overriding-response-header

AWS
weidi
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions