Company News
Connect with Socket at RSA and BSidesSF 2024
Come meet the Socket team at BSidesSF and RSA! We're sponsoring several fun networking events and we would love to see you there.
By Sarah Gooding - Apr 15, 2024
hide-powered-by
Advanced tools
- Version published
- Maintainers
- 1
- Weekly downloads
- 487,815
- decreased by-2.65%
- Install size
- 5.72 kB
Weekly downloads
Readme
Hide X-Powered-By
Simple middleware to remove the X-Powered-By HTTP header if it's set.
Hackers can exploit known vulnerabilities in Express/Node if they see that your site is powered by Express (or whichever framework you use). For example, X-Powered-By: Express is sent in every HTTP request coming from Express, by default. This won't provide much security benefit (as discussed here), but might help a tiny bit. It will also improve performance by reducing the number of bytes sent.
const hidePoweredBy = require('hide-powered-by')
app.use(hidePoweredBy())
You can also explicitly set the header to something else, if you want. This could throw people off:
app.use(hidePoweredBy({ setTo: 'PHP 4.2.0' }))
Note: if you're using Express, you don't need this middleware and can just do this:
app.disable('x-powered-by')
FAQs
Middleware to remove the X-Powered-By header
The npm package hide-powered-by receives a total of 391,383 weekly downloads. As such, hide-powered-by popularity was classified as popular.
We found that hide-powered-by demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Last updated on 26 May 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
OSI to Lead Discussions on Navigating the Challenges of Doing Business with Open Source
OSI is starting a conversation aimed at removing the excuse of the SaaS loophole for companies navigating licensing and the complexities of doing business with open source.
By Sarah Gooding - Apr 12, 2024
Product
Introducing Dependency Visualization: An Interactive Way to See Dependencies at a Glance
We're introducing dependency visualization for reports - get a quick impression of the state of your dependencies without getting lost in the details.
By Eli Insua - Apr 11, 2024