For political reasons, the customer will refuse to have any non-IIS web
servers. Since we deliver the service as SaaS, the customer can only see the
OS fingerprint and server signature (together with a few other things like
For the OS signature we are able to change it on the fly with a
security/network appliance and make it looks unknown, but we now need to
fake the web server signature. Rather than adding a proxy such as varnish in
front, I am looking for the way to directly patch the source code to change
the server signature.
Could someone point me the file name to patch to get this done?
As for curious, I work behind the scene so the end-user does not know my