How to remove X-Powered-By: ARR/3.0 from IIS Web Farm?

Question

I am asked to remove all powered-by response headers from an IIS/ARR hosted website. As always I followed the instructions from this article. I applied the required registry configuration , this is the only option worked for me before. The other options does not seem to be a solution for me because the second option is deprecated and the third option does not completely remove the header. I used this solution (Using the Registry key) successfully in the past on other IIS based websites but now it is not working in this case.Any Idea about how can I debug the problem or another potential solution is highly appreciated.

Answer 1

You can find 2 "X-powered-By" headers if you use the arr.

One is X-powered-By: ASP.NET .To disable this, remove it from Response Headers module from both arr server , back-end server ,server level and website level.

Second is X-powered-by: ARR/3.0 .To disable this ,open the arr_scheme.xml file in ARR server.

C:\Windows\System32\inetsrv\Config\Schema\arr_schema.xml

Find this attribute arrResponseHeader and change the defaultValue to false.

Save to file and restart the server, all "X-powered-by" header disappear.

This is test result: