all InfoSec news
How to Hide the X-Powered-By Header in NestJS
May 19, 2024, 12:52 a.m. | Atsushi Suzuki
DEV Community dev.to
While developing a backend application with NestJS, I noticed that the X-Powered-By: Express header appeared in the API responses during debugging. This can expose your technology stack to potential attackers.
To prevent this and enhance security, we need to hide the X-Powered-By header. Here’s how you can do it.
First, you should have the following code in your main file:
const app = await NestFactory.create(AppModule);
Next, import the necessary modules:
import { ExpressAdapter } from '@nestjs/platform-express';
import express from 'express'; …
api application attackers backend beginners can debugging expose express header hide nestjs prevent security stack technology webdev
More from dev.to / DEV Community
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC