Removing/Hiding/Disabling excessive HTTP response headers in Azure/IIS7 without UrlScan

Question

I need to remove excessive headers (primarily to pass penetration testing). I have spent time looking at solutions that involve running UrlScan, but these are cumbersome as

Answer 1

There's also a package on NuGet that helps you achieve this through a few lines of config and no changes to code: NWebsec. The docs on removing version headers can be found here: https://github.com/NWebsec/NWebsec/wiki/Suppressing-version-headers

It's demoed here: http://www.nwebsec.com/HttpHeaders/VersionHeaders (in Azure)

Disclaimer: I'm the developer on the project.