How to hide BIG-IP from Shodan.io?

Question

Hi We have website when I check our website in Shodan.io it shows that we are using BIG-IP.. How can we hide this information?

simon_blakely · Answer

You need to figure out how Shodan.io has determined that you are using a BigIP for your virtual server.&nbsp;It may be that an irule (for redirection, maybe) responds with a Server header (BigIP) - you can disable this with the -noserver flag.&nbsp;If the website is HTTPS, it may use TLS fingerprinting (if you use DEFAULT as the cipher string).&nbsp;They may just use TCP OS fingerprinting, which is fairly marginal.&nbsp;I don't really know - I'm not too familiar with Shodan.&nbsp;However, just knowing that a service is accessed via a BigIP does not say particularly much about it (apart from attacking irules). It might be better than Shodan determining and revealing that the site is running on an older version of IIS or something else that may provide more useful information to an attacker ...&nbsp;Edit:&nbsp;As far as I can see, Shodan picks up on the Server: BigIP header used when an irule generates a response to the client. You can disable this with the -noserver option mentioned earlier.

aali86 · Answer

Hi Simon, I am also encountering the same issue but when i do curl from BIGIP it is showing same result but server name changed as defined can you please share where should i mention -noserver option&nbsp;

Forum Discussion

How to hide BIG-IP from Shodan.io?

2 Replies

Recent Discussions

import live updates from version x to version y

Tenant image upgrade

iRule editor partition button does not work

F5Access | MacOS Sonoma

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

Related Content

Re: Get Started with BIG-IP Virtual Edition (VE), BIG-IQ VE or BIG-IP Cloud Edition Trial

Quick Optimizations for F5 BIG-IP Virtual Edition

Getting Started with BIG-IP Next: Upgrading Central Manager

Deploying F5 BIG-IP with Azure Cross-region load balancer

Service discovery and registration with BIG-IP