Goal
- Prevent the risk of intrusion on the server.
- Prevent the appearance of malicious content or scripts on the site.
Implementation
Do not communicate via the HTTP headers sent by the server any information on the software and languages used on the server side, in particular via the Server, X-Powered-By and X-AspNet-Version headers.
Control
Check that the HTTP headers sent by the server do not give any information on the software and languages used on the server side.
Discover Opquast training and certification
The objective of these rules and the Opquast community mission is ‘making the web better’ for your customers and for everyone! Opquast rules cover the key major areas of risk that can negatively affect website users such as privacy, ecodesign, accessibility and security.
Opquast training has already allowed over 19,000 web professionals to have their skills certified. Train your teams, contact us
We offer a 1 hour free discovery module.