Server - HTTP
The Server header describes the software used by the origin server that handled the request — that is, the server that generated the response.
Avoid overly-detailed Server values, as they can reveal information that might make it (slightly) easier for attackers to exploit known security holes.
Header type | Response header |
---|---|
Forbidden header name | no |
Syntax
Server: <product>
Directives
<product>
The name of the software or product that handled the request. Usually in a format similar to User-Agent.
How much detail to include is an interesting balance to strike; exposing the OS version is probably a bad idea, as mentioned in the earlier warning about overly-detailed values. However, exposed Apache versions helped browsers work around a bug those versions had with Content-Encoding combined with Range.
Examples
Server: Apache/2.4.1 (Unix)
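The following check is an added example, not part of the original page: it parses a Server value using the product / comment grammar from the RFC listed under Specifications and reports which parts disclose version or platform detail. The function names and every sample value other than Apache/2.4.1 (Unix) are constructed for illustration.

```python
import re

# RFC 7231 grammar: Server = product *( RWS ( product / comment ) )
# product = token ["/" product-version]; comment = "(" ... ")"
# Simplification (assumption): nested comments are not handled.
TOKEN = r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+"
PART = re.compile(
    rf"\((?P<comment>[^()]*)\)|(?P<name>{TOKEN})(?:/(?P<version>{TOKEN}))?"
)


def parse_server(value):
    """Split a Server header value into (name, version) products and comments."""
    products, comments = [], []
    for m in PART.finditer(value):
        if m.group("comment") is not None:
            comments.append(m.group("comment").strip())
        else:
            products.append((m.group("name"), m.group("version")))
    return products, comments


def audit_server(value):
    """Return findings describing what detail the value discloses."""
    products, comments = parse_server(value)
    findings = []
    for name, version in products:
        if version:
            findings.append(f"product version disclosed: {name}/{version}")
    for comment in comments:
        findings.append(f"comment discloses platform or build detail: ({comment})")
    if len(products) > 1:
        names = ", ".join(name for name, _ in products)
        findings.append(f"multiple products listed: {names}")
    return findings


if __name__ == "__main__":
    samples = [
        "Apache/2.4.1 (Unix)",                        # the page's example
        "Apache",                                     # constructed: name only
        "ExampleServer/1.2 (Linux) mod_example/0.9",  # constructed
    ]
    for sample in samples:
        print(f"Server: {sample}")
        for finding in audit_server(sample) or ["no version or platform detail"]:
            print("  -", finding)
```
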
Specifications
Specification | Title |
---|---|
RFC 7231, section 7.4.2: Server | Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content |