Yahoo! YSlow recommends removing Entity tags – also known as “ETag”. Unfortunately removing the ETag response header is not an easy task on Windows Server IIS web servers. Here I show you how to properly remove ETag HTTP response headers with an IIS Rewrite Module Outbound rewrite rule…
How to remove the ETag response header in IIS as Yahoo! YSlow recommends?
Remove ETag response headers in IIS
Entity Tags (ETags) are commonly used in Web applications to effectively leverage the use of web farms, which is a non-fancy term for HTTP/S load balancing. In web farms, a common practice is to set what is called ETags headers, as it helps enhance performance in web farm scenarios.
You might expect you can easily remove Entity tags, or Etag headers , in IIS by using <remove name="ETag" /> in the customHeaders node of the web.config configuration file.
For example:
<httpProtocol>
<customHeaders>
<remove name="ETag"/>
</customHeaders>
</httpProtocol>Code language: HTML, XML (xml)or by setting its value to an empty string:
<httpProtocol>
<customHeaders>
<remove name="ETag"/>
<add name="ETag" value=" "/>
</customHeaders>
</httpProtocol>Code language: HTML, XML (xml)<httpProtocol>
<customHeaders>
<remove name="ETag"/>
<add name="ETag" value="""" />
</customHeaders>
</httpProtocol>Code language: HTML, XML (xml)but these customHeaders are ignored…
Luckily you can use an IIS URL Rewrite Outbound Rule in Windows Server to rewrite, and remove, the ETags response header. And here is how.
Outbound Rewrite Rule to properly remove ETag headers in IIS
You have to use an Outbound Rule to remove Etag headers. Use the following URL Rewrite Outbound Rule in your web.config, to remove the ETag header:
<outboundRules>
<rule name="Remove ETag">
<match serverVariable="RESPONSE_ETag" pattern=".+" />
<action type="Rewrite" value="" />
</rule>
</outboundRules>Code language: HTML, XML (xml)It’s pretty straight forward what this rule does, no need to explain.
Thanks to NathanFox.net for sharing this information.
Disable Etag headers completely in IIS applicationHost.config
If you have administrator access to the IIS web server and you want to completely disable Etag headers, then you can do so in your IIS applicationHost.config configuration file.
Since IIS 8.0 you have an updated IIS_schema.xml file, with the following contents:
<element name="clientCache">
<attribute name="cacheControlMode" type="enum" defaultValue="NoControl">
<enum name="NoControl" value="0" />
<enum name="DisableCache" value="1" />
<enum name="UseMaxAge" value="2" />
<enum name="UseExpires" value="3" />
</attribute>
<attribute name="cacheControlMaxAge" type="timeSpan" defaultValue="1.00:00:00" />
<attribute name="httpExpires" type="string" />
<attribute name="cacheControlCustom" type="string" />
<attribute name="setEtag" type="bool" defaultValue="true" />
</element>Code language: HTML, XML (xml)You can find IIS_schema.xml in the folder C:\Windows\System32\inetsrv\config\schema. This means you can add the following in your C:\Windows\System32\inetsrv\config\applicationHost.config:
<clientCache setEtag="false" />Code language: HTML, XML (xml)And for a website level, you can add it to your web.config file as well.
When you’ve already have an entry for clientCache, you can just add in the setEtag attribute within the element:
<staticContent>
<clientCache
cacheControlMode="UseMaxAge"
cacheControlMaxAge="14.00:00:00"
setEtag="false" />
</staticContent>Code language: HTML, XML (xml)(Source, source 2, source 3) Neat, he? :)
Are you looking for rock solid, eco-friendly, Windows hosting? Look no further! UmbHost got you covered, offering hosting services for websites and businesses of all sizes.
High-Availability IIS cluster
To add some extra information regarding Etag headers and clusters:
In a High-Available, Failover IIS cluster, for example for high-performance Umbraco, you need Etag headers. This header makes sure the web servers always sends the correct version of a file. So, don’t remove etag headers unless you are sure your website is not hosted on a high-availability cluster.
The ETag header is used for web cache validation, and enables a Web server to not have to send a full response if no changes have been made to the content.
iis.net Client Cache <clientCache>setEtagcan be set in the Configuration Editor in the pathsystem.webServer/staticContent.
Hello, i added this to the solution and is working great in my local configuration but when deployed it is not, it is renaming them from this “6820f27b1429cf1:0” to this “6820f27b1429cf1:0″,””
Cmon, your authentication code is in Dutch, how would I know that acht is equal 8?
Anyway, Etag is not an issue on IIS7+. It’s synced accross webfarm and would not require Rewrite rule. All this applicable only to IIS6.
http://blogs.iis.net/chrisad/archive/2006/12/18/iis7-deployments-calls-for-etag-usage-review-if-using.aspx
Thank you for your comment Gregory. I’ve changed the captcha to numbers only. You’re correct about that :)
It’s not whether Etag is an issue on IIS7+ or not. It’s about Yahoo Yslow complaining about the HTTP header being sent and in non webfarm set-ups the header isn’t necessary. Therefor users would want to disable this HTTP header.
Searching around on how to disable this header, there isn’t much -easy to find- information on how to properly achieve just that. Therefor I posted the one working example (from NathanFox.net) here, along with some non functional examples from Stack Overflow threads.