cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4225
Views
20
Helpful
4
Replies

Block or Disable HTTP Server Version Information on ASA?

motown5069
Level 1
Level 1

Is there a way within the ASA that I can block or disable the http header information obtained during external scans? Specifically the http server version 1.0 etc.

4 Replies 4

Panos Kampanakis
Cisco Employee
Cisco Employee

"no http server enable" will stop the ASA from doing HTTP.

Not if you are doing webvpn then you can't avoid it responding to HTTP requests.

I hope it helps.

PK

pkampana: We are indeed using the webvpn functionality within the appliance for ssl remote access sessions. Do you know if there is any documentation that supports this position? It can't be disabled in other words? I have not been able to find it. Thanks a million for your response also!

There is no documentation (other than this post) that indicates that the version in the ASA's web server can't be

removed/disabled.

However, please be aware that the ASA web server is custom built, for a very specific capability (management and webvpn), and as such generally doesn't suffer from any of the vulnerabilities that exist in standard web servers.

Sincerely,


David.

Thank you for the follow up information David! Great information and Forum.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: