Delete the X-Bluecoat-Via Header on your ProxySG

It is part of security practice to restrict information about your internal network from being exposed. It is part of the RFC and thus mandatory for a proxy server to insert an X-Bluecoat-Via header so as to advise the receiving server that the request has been proxied. Most likely, this was done so that the server could be notified that a proxy server was used, but in recent times applications are usually proxy-aware and the server does not need this information (and likely this feature was never used).

It is considered best practice to remove information that would inform a potential attacker about what systems you are using. This HTTP header sends information about the vendor of your security appliance and should be suppressed.

You might want to review this article on how to insert the configuration into your system.


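<Proxy>
    ; apply the action defined below to every request
    action.xvia(yes)

; remove the vendor-identifying header from the request
define action xvia
    delete( request.header.X-BlueCoat-Via )
end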

Edit: Thanks to Andrew Thomas who points out the following:
The purpose of the X-Bluecoat-Via header is to allow bluecoat devices to sense and deal with forwarding loops, i.e. if a bluecoat sees its own header in an incoming request it knows that something has gone wrong with forwarding and the request should be dropped.

Clipping these headers off your requests at the edge of your network is a good idea, but care should be taken before removing these headers from proxies which aren't the last device in a proxy chain.
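
The caveat about proxy chains can be seen in a small model. This is an added example, not code from the original post or from Blue Coat; the header handling (each proxy appends its ID and drops a request carrying its own ID), the device IDs and the two-proxy topology are assumptions made for illustration.

```python
# Simplified model, assumed for illustration (not Blue Coat's implementation):
# each proxy appends its ID to X-BlueCoat-Via and drops a request that already
# carries that ID. Device IDs and topologies are constructed sample values.
HEADER = "X-BlueCoat-Via"
MAX_HOPS = 20  # stops the model when loop detection has been defeated

class Proxy:
    def __init__(self, device_id, next_hop, strip_header=False):
        self.device_id = device_id
        self.next_hop = next_hop          # name of the next proxy, or "ORIGIN"
        self.strip_header = strip_header  # models the delete() action above

    def handle(self, headers):
        """Return ('drop' | 'forward', outgoing_headers)."""
        seen = [v.strip() for v in headers.get(HEADER, "").split(",") if v.strip()]
        if self.device_id in seen:
            return "drop", headers        # own ID came back: forwarding loop
        out = dict(headers)
        if self.strip_header:
            out.pop(HEADER, None)         # upstream IDs are removed as well
        else:
            out[HEADER] = ", ".join(seen + [self.device_id])
        return "forward", out

def send(chain, first="internal"):
    """Walk one request through the chain and report how it ended."""
    headers, name = {"Host": "example.test"}, first
    for hop in range(MAX_HOPS):
        if name == "ORIGIN":
            return {"result": "delivered", "origin_sees": headers.get(HEADER)}
        verdict, headers = chain[name].handle(headers)
        if verdict == "drop":
            return {"result": "loop_detected", "dropped_by": name, "hops": hop + 1}
        name = chain[name].next_hop
    return {"result": "hop_limit_exceeded", "hops": MAX_HOPS}

def build(edge_next, edge_strips):
    """Two-proxy chain: internal -> edge -> edge_next."""
    return {"internal": Proxy("0A1B2C3D4E5F6071", "edge"),
            "edge": Proxy("1122334455667788", edge_next, edge_strips)}

if __name__ == "__main__":
    print(send(build("ORIGIN", False)))    # vendor header reaches the origin
    print(send(build("ORIGIN", True)))     # stripped at the last hop
    print(send(build("internal", False)))  # misrouted: loop caught
    print(send(build("internal", True)))   # misrouted + strip: loop not caught
```

In the last case the stripping device is no longer the final hop, so neither proxy ever sees its own ID and the request circulates until the model's hop limit.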
