There are plenty of other ways to fingerprint an HTTP server other than relying on a customisable `Server` header. Security through obscurity won't help you when someone actually wants to know which server you're using.
This is great news! Thank you Matt, and everyone else who has contributed to such an amazing project :)
There are plenty of other ways to fingerprint an HTTP server other than relying on a customisable `Server` header. Security through obscurity won't help you when someone actually wants to know which server you're using.
This is great news! Thank you Matt, and everyone else who has contributed to such an amazing project :)