homeGet URLScan from Microsoft - The best
way to do this is to download and install the IIS lockdown tool from Microsoft.
[http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools/locktool.asp]
Once that is installed according to the setup of your web server (be sure to choose URL Scan during install) you'll need to go to your systemroot\system32\inetsrv\urlscan directory and open the urlscan.ini file in notepad or any standard text editor.
Once you have his file open, change the line RemoveServerHeader=0 to look like this:
RemoveServerHeader=1
This is set server wide, so it will effect all sites run on that server. You will have to restart IIS in order for the change to take effect.
| server header home | contact | link to us | privacy | tips | other resources |