Wing FTP Software

The official forum of Wing FTP Software
https://bbs.wftpserver.com/

Sanitize HTTP Headers

https://bbs.wftpserver.com/viewtopic.php?t=3988

Page 1 of 1

Sanitize HTTP Headers

Posted: Mon Apr 22, 2024 6:23 pm
by joseph
We have found that the HTTP Server Signature header returned by WingFTP has the name of the person who purchased the license included. For example if a person named Bob Jones purchased the license, then the HTTP Server Signature that is returned is "WingFTP Server(Bob Jones)"

Given how many random internet scanners hit every IP looking for endpoints to brute force, this disclosure is not ideal. I would like to request that the individual name be removed from the HTTP response headers and that it only be "WingFTP Server"

Re: Sanitize HTTP Headers

Posted: Tue Apr 23, 2024 12:45 am
by FTP
OK, it is possible to change the string "Wing FTP Server" into your own identifier, but the string "Bob Jones" is used to validate the license, so you can't remove that string.

And we had already sent an email to you about how to change the string "Wing FTP Server".
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited