Can we hide Cloudfare Server name in http response header


Is it possible to hide ‘Cloudfare’ server name in the http resposne header?

We had a PenTest conducted on our web application and one of the finding is about information disclosure issue.

This has come up before, and the answer is “no.”

Even if you could get rid of that header, there are plenty more signs it’s Cloudflare…like other headers and the IP address. Pretty hard (impossible, really) to hide that you’re using Cloudflare.


This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.