If you want to restrict, that people can get access to your umbraco folder, e.g http://www.domain.com/umbraco/, then you could in IIS restrict the umbraco folder to an ip range that corresponds to your organisation.
It's possible BuiltWith checks to see if a path exists at /umbraco/ - but you can change this path in web.config with the following key in appSettings:
<add key="umbracoPath" value="~/umbraco" />
However, be warned that there may well be hardcoded references in places in your code, 3rd party code or even the source.
Is it possible to hide the fact that the website uses Umbraco
Obviously security best practice is to hide what webserver is being used, what .net versions are used etc which can be done in IIS.
Is it possible to hide the fact that the website runs Umbraco (currently on 6.x.x)?
In the web.config on the httpRuntime tag add the attribute : enableVersionHeader="false". This will prevent sending .NET framework information.
You also need to add this to the system.webServer section in the web.config
<!-- Ensure the powered by header is not returned --> <httpProtocol> <customHeaders> <remove name="X-Powered-By" /> </customHeaders> </httpProtocol>Dave
Thanks very much :-)
Hi Steve,
If you want to restrict, that people can get access to your umbraco folder, e.g http://www.domain.com/umbraco/, then you could in IIS restrict the umbraco folder to an ip range that corresponds to your organisation.
http://our.umbraco.org/forum/getting-started/installing-umbraco/13272-How-to-Lock-Down-Umbraco-Backend
Hope this helps,
/Dennis
we already have
and
but it still shows when I use BuiltWith, is there anything else I've missed?
What header are you still seeing ?
Dave
from Google Chrome dev tools -
bootstrap.css /css font-awesome.min.css /css lcc.tabs.css /css css?family=Open+Sans:400,700 fonts.googleapis.com layout.css /css residents.css /css jquery-1.10.2.min.js /scripts/libs 20 requests ❘ 29.7 KB transferred ❘ 269 ms (load: 270 ms, DOMContentLoaded: 206 ms) HeadersPreviewResponseCookiesTiming Remote Address:* Request URL:http://new..uk/ Request Method:GET Status Code:200 OK Request Headersview source Accept:text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,/;q=0.8 Accept-Encoding:gzip,deflate,sdch Accept-Language:en-US,en;q=0.8 Connection:keep-alive Cookie:__RequestVerificationToken=IVQC6UfcZXZDWtQudhydPKY2Octu50QHRRkL0W_1AUN51wZMJZn2rb4cRJxk651SxVuKU51WAqW4OhoAGzp5nm_sa6J9lxy4TJnIOxQ3sjBIVD1mc_sj_GrHeyx2S2NG5QfVhFuZ8TX_nUNdIef3SQ2; ASP.NET_SessionId=rwox4gxvn123hr01h3ny1tav; __utma=35682239.1838924903.1391774601.1413881831.1413885428.431; __utmb=35682239.3.10.1413885428; __utmc=35682239; __utmz=35682239.1413800641.426.9.utmcsr=payments.northdevon.gov.uk|utmccn=(referral)|utmcmd=referral|utmcct=/ Host:new..uk User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.104 Safari/537.36 Response Headersview source Cache-Control:private Content-Length:29806 Content-Type:text/html; charset=utf-8 Date:Tue, 21 Oct 2014 10:07:50 GMT SERVER:
have no idea how BuiltWith http://builtwith.com/ finds out
No clue what it uses to detect Umbraco.
On my sites it detects some and some it doesn't.
dave
Glad it's not just me then! :-D
It's possible BuiltWith checks to see if a path exists at /umbraco/ - but you can change this path in web.config with the following key in appSettings:
However, be warned that there may well be hardcoded references in places in your code, 3rd party code or even the source.
is working on a reply...