Identity Provider

Disable IIS header information on the Identity Provider

For security purposes, Milestone recommends that you disable the server header on the Identity Provider application.

The server header describes the software used by the server of original that handles a request. Disable this header by doing the following.

Note: This is only applicable for IIS 10 and above.

1. Open the IIS Manager.
2. Under the Default website, select IDP.
3. Open the Configuration Editor.
4. Select the section system.webServer/security/requestFiltering.
5. Set removeServerHeader to True.