Laravel Question posted in
The official Laravel Documentation can be found here.

Laravel – How to remove the "Server" tag from the header of my server response

I set up a Laravel and an Express Node and I want to eliminate the "Server" label that the server returns in the response.

I made a middleware to remove said label but I still can’t remove it.

Does anyone know how I can activate it?

Response Headers

PHP: The header_remove does not work, nor does modifying it for an empty one.

class removeServerHeader
{
    /**
     *
     * @param  IlluminateHttpRequest  $request
     * @param  Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        $response = $next($request);
        $response->headers->remove('X-OpenSSL-Version');
        $response->headers->remove('x-powered-by');
        $response->headers->remove('Server');
        $response->header('Strict-Transport-Security', 'max-age=31536000; includeSubdomains');
        return $response;
    }
}

Node: res.removeHeader(‘Server’); doses not work.

const removeServerHeader = (req, res, next) => {
  res.removeHeader('Server');
  next();
};
Tags:

2

Answers


  1. 0

    You need to remove the header on nginx or apache. server_tokens off;

    sudo nano /etc/nginx/nginx.conf;

server_tokens off;

    do you have access to the configuration?

    Login or Signup to reply.
  2. 0

    Laravel: Configure your web server (Apache or Nginx) to remove the header. In Apache, use Header unset Server in the configuration. In Nginx, use server_tokens off; in the config.

    Node.js Express: Place res.removeHeader('Server'); at the start of your middleware stack. If using a reverse proxy like Nginx, configure it similarly to Nginx in Laravel.

    Ensure no other parts of your app or infrastructure (like CDNs or load balancers) are adding the header back.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search