IIS reveals internal IP address in content-location field
Posted
by saille
on Server Fault
See other posts from Server Fault
or by saille
Published on 2010-03-16T01:12:50Z
Indexed on
2010/03/16
1:20 UTC
Read the original article
Hit count: 460
Referring: http://support.microsoft.com/kb/q218180/, there is a known issue in IIS4/5/6 whereby it will reveal the internal IP of a web server in the content-location field of the HTTP header.
We have IIS 6. I have tried the fix suggested, but it has not worked. The website is configured to send all requests to ASP.NET, and I am wondering if this is why the fix, which addresses IIS configuration, has not worked for us.
If this is the case, how would we fix this in ASP.NET?
We need to fix this issue in order to pass a security audit.
© Server Fault or respective owner