Caddy disable servertoken

Published on 06.03.2018 - 11:48 - 1 minute read

Quick note: i had to disable the servertoken of a caddyserver. For this you need to set within a header block the parameter -Server. Something like this:

# Disable the server token, to prevent information disclosure 
# Avoids enumeration in servics like shodan.io
# https://caddyserver.com/docs/header 
header / -Server

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.