This article is a part of our Web Security Knowledge Base (back to index)

Why “Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)” can be dangerous

The "X-Powered-By" header reveals information about the technology used in an application. This can be a valuable hint for hackers who can exploit security weaknesses of the technology.

How to fix “Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)”

Configure your server not to set this header in the response.

How does ScanRepeat report “Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)”

ScanRepeat reports “Server Leaks Information via "X-Powered-By" HTTP Response Header Field(s)” listing all instances of URL resources returned with the header set along with additional information on what should be set to fix this problem.

Would you like to test your application now against this problem? Sign up for our free trial

Scan your application
for 14 days for free

No credit card is required. No commitment.

Sign Up Free