Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE

Server Information In HTTP Header - Microsoft-HTTPAPI/2.0

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sonja_Bauernfeind
Digital Support
Digital Support

Server Information In HTTP Header - Microsoft-HTTPAPI/2.0

Last Update:

Feb 6, 2023 2:22:11 AM

Updated By:

Sonja_Bauernfeind

Created date:

Sep 5, 2018 10:11:37 PM

HTTP Response Header exposes Microsoft-HTTPAPI/2.0 as the server source. An attacker could use this information to expose known vulnerabilities for the server source.

 

55820.png

 

Resolution

This header is included in the HTTP header by .NET framework, which means it can not be directly controlled by Qlik software. 

The header is only added in Qlik software that runs in Windows environment, for example Qlik Sense Enterprise for Windows and QlikView Web Server. 

There are two main approaches to removing this HTTP header;

  1. Disable the server header for WCF Services in the Windows registry, as described in https://blogs.msdn.microsoft.com/dsnotes/2017/12/18/wswcf-remove-server-header/
  2. Suppress the HTTP header through a reverse proxy if this exists in front of Qlik Sense in the current deployment. For option details on this option, consult reverse proxy documentation. If you require assistance implementing the solution, our professional services are happy to be engaged.

 

Environment

Qlik Sense Enterprise on Windows, all version
QlikView, all versions
Qlik NPrinting, all versions

 

Internal Investigation IDs:

  • QLIK-90522
Qlik Sense Enterprise on Windows
Thumbnail of Qlik Sense Enterprise on Windows
Qlik Sense Enterprise on Windows
QlikView
Thumbnail of QlikView
QlikView
Qlik NPrinting
Thumbnail of Qlik NPrinting
Qlik NPrinting
Labels (2)
10,738 Views
Was this article helpful? Yes No
Comments
Luck
Partner - Contributor II
Partner - Contributor II
‎2023-02-05 09:23 PM

Hi @Sonja_Bauernfeind ,

is this article still relevant for qlik sense August 2022 Patch 5 on windows server 2019?

If so,how to proceed disabling the server header for WCF Services in Windows registry if the deployment is on a multi-node qlik sense site?

as the registry update usually need a server restart, do we restart from the rim nodes, or the central node when the registry is updated, or is there a specific step to follow?

Sonja_Bauernfeind
Digital Support
Digital Support
‎2023-02-06 02:59 AM

Hello @Luck 

This topic relates to the operating system itself rather than Qlik Sense, so the Qlik Sense Enterprise on Windows version is irrelevant in these situations.

You would need to make this change on whichever node you use to host the hub (so, the proxy nodes).

As for restarting, see How to restart the Qlik Sense Enterprise on Windows services 

Rim nodes will not have all services installed. Rim node services can be stopped or started in any order after the central node has been stopped or started. 

All the best,
Sonja 

Version history
Last update:
‎2023-02-06 02:22 AM
Updated by:
Digital Support