Removing SharePoint 2013 Version form HTTP Header


In some organization you may meet requirements to remove the SharePoint version from HTTP response header for security reasons.

This is a snapshot of Fiddler response header from SharePoint 2013

Our goal is remove the MicrosoftSharePointTeamServices: 15.0.0.4420

To do this,

Go to “C:\inetpub\wwwroot\wss\VirtualDirectories\<your app virtual directory>”

In the web.config file go to system.webserver >> httpProtocol >> customHeaders

Add the following line <remove name=MicrosoftSharePointTeamServices/>

Go again to fiddler to see the result

NOTE: this may effect other applications like InfoPath.

Advertisements

7 thoughts on “Removing SharePoint 2013 Version form HTTP Header

  1. if the goal is to hide all sharepoint marks in response you have to hide “X-SharePoinHealthScore” header also

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s