Module Description
Overview
The Remove HTTP headers module removes configured HTTP headers from the response. Also removes <meta name="Generator" content="Drupal 8 (https://www.drupal.org)"> from the <head> tag if the X-Generator HTTP header is configured to be removed. By default the X-Generator, X-Drupal-Dynamic-Cache and X-Drupal-Cache HTTP headers are configured to be removed.
Motivation The initial idea of this module is to obfuscate that your website is running on Drupal. However this module can of course be used for other purposes as well.
Disclaimer Be aware that there are also other ways than HTTP headers to find out if Drupal is used by a website. Obfuscation is not a replacement for a secure website. Make sure you always have the latest security updates installed and are writing secure code in your custom modules and themes.
Features
* Remove configured HTTP headers from responses.
* <meta name="Generator" content="Drupal 8 (https://www.drupal.org)"> from the <head> tag if the X-Generator HTTP header is configured to be removed.
Installation
Install as you would normally install a contributed Drupal module. Visit: https://www.drupal.org/docs/8/extending-drupal-8/installing-drupal-8-mod... for further information.
Configuraton
* Configure the HTTP headers that should be removed on the settings page (/admin/config/system/remove-http-headers) or directly in the remove_http_headers.settings.yml configuration file.
* Use the following format: headers_to_remove: - 'X-Generator' - 'X-Drupal-Dynamic-Cache' - 'X-Drupal-Cache'
Requirements
* This module requires Drupal 8.6 or above.
* No additional modules are needed.
The Remove HTTP headers module removes configured HTTP headers from the response. Also removes <meta name="Generator" content="Drupal 8 (https://www.drupal.org)"> from the <head> tag if the X-Generator HTTP header is configured to be removed. By default the X-Generator, X-Drupal-Dynamic-Cache and X-Drupal-Cache HTTP headers are configured to be removed.
Motivation The initial idea of this module is to obfuscate that your website is running on Drupal. However this module can of course be used for other purposes as well.
Disclaimer Be aware that there are also other ways than HTTP headers to find out if Drupal is used by a website. Obfuscation is not a replacement for a secure website. Make sure you always have the latest security updates installed and are writing secure code in your custom modules and themes.
Features
* Remove configured HTTP headers from responses.
* <meta name="Generator" content="Drupal 8 (https://www.drupal.org)"> from the <head> tag if the X-Generator HTTP header is configured to be removed.
Installation
Install as you would normally install a contributed Drupal module. Visit: https://www.drupal.org/docs/8/extending-drupal-8/installing-drupal-8-mod... for further information.
Configuraton
* Configure the HTTP headers that should be removed on the settings page (/admin/config/system/remove-http-headers) or directly in the remove_http_headers.settings.yml configuration file.
* Use the following format: headers_to_remove: - 'X-Generator' - 'X-Drupal-Dynamic-Cache' - 'X-Drupal-Cache'
Requirements
* This module requires Drupal 8.6 or above.
* No additional modules are needed.
Module Link
Project Usage
8721
Security Covered
Covered By Security Advisory
Version Available
Production
Module Summary
The Remove HTTP headers module aims to obfuscate the fact that a website is running on Drupal by removing configured HTTP headers from the response.
Data Name
remove_http_headers
OPENAI CHATBOT
OPENAI CHATBOT
