Remove Server from HTTP Response in WCF

Question

I have an internet exposed WCF service running on IIS 7.5 that I need to secure. I would like to remove the \"Server\" header in the HTTP response.

I\'ve implemented

Answer 1

This works using an IDispatchMessageInspector

public class SecureBehaviour : IDispatchMessageInspector
{
    public object AfterReceiveRequest(ref Message request,
        IClientChannel channel, InstanceContext instanceContext)
    {
        return null;
    }

    public void BeforeSendReply(ref Message reply, object correlationState)
    {

        var httpCtx = HttpContext.Current;
        if (httpCtx != null)
        {
            httpCtx.Response.Headers.Remove(
                HttpResponseHeader.Server.ToString());
        }
    }
}