Forum Discussion
nathe
Jan 31, 2017Cirrocumulus
nat
It depends on what you really mean by "server cloaking". In its simplest form this would be preventing response headers from exposing backend server information i.e. application in use and its version. Is this what you mean?
If so, then ASM removes the Server response HTTP header by default so this is one way to perform server cloaking. To check this is working fire up your favourite HTTP inspection app (fiddler, httpwatch, httpfox, developer tools etc.) and check the response headers from a web app behind an ASM.
Hope this helps,
N