It looks like website Signatures are switched on. This can mean that the server is identifying the type of webserver and version that it is running which
can be used by a malicious user to potentially compromise this website.
This is what the server is responding with:
How to Fix
Apache: In Ubuntu, you need to change the following file: /etc/apache2/apache2.conf or httpd.conf
ServerSignature Off
ServerTokens Prod
Windows: Install Microsoft UrlScan 3.1 download from
here.
Alternatively on IIS 7/8 use Request Filtering
here.
Well done, this website has Powered-By-X details or X-ASPNet-Version switched off.
This is what the server is responding with:
It looks like this website is not hiding the website engine it is running, which is identified by the Powered-By-X or X-ASPNet-Version data field in the response headers.
This is what the server is responding with:
How to Fix
PHP: Edit the php.ini file and modify the following value
expose_php = Off
ASP.NET: Add the following content inside the
<system.web> element in your application's Web.config file:
<httpRuntime enableVersionHeader="false" />