Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Preventing Endpoint Sensor from disclosing the server version information

    • Updated:
    • 21 Jun 2019
    • Product/Version:
    • Trend Micro Endpoint Sensor All.All
    • Platform:
    • Windows 8 32-Bit
Summary

This article discussed how to harden Endpoint Sensor and prevent it from disclosing server version information in the headers.

Details
Public

Since Endpoint Sensor was built on IIS, we can use the URL rewrite module to achieve this.

  1. Download and install the URL rewrite module.
  2. Open the site on which you would like (in this case, choose Endpoint Sensor website) to hide the server header values and click on the URLRewrite section.

    Click URLRewrite

  3. Click on the "View Server Variables" in the Actions pane in the right hand side.
  4. In View Server Variables, click Add then enter "RESPONSE_SERVER" in the textbox provided.

    Server Variables

  5. Add a rule:

    1. Click Add Rule(s) and choose Outbound rules > Blank rule.
    2. Select the following for each field:
      • Precondition: None
      • Matching scope: Server Variable
      • Variable name: RESPONSE_SERVER
      • Using: Regular Expressions
      • Pattern: ".*"
    3. Apply the rule

      Edit Outbound rules

Premium
Internal
Rating:
Category:
Configure
Solution Id:
1123022
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.