1. The problem I’m having:
Web socket responses are revealing the Caddy tool.
Caddy signature is removed correctly from http(s) traffic but now WSS responses
Not sure if I am missing anything on the setup.
2. Error messages and/or full log output:
I have this request on the web developer tools:
GET /rest/push?pushRef=sg06izoz33 HTTP/1.1
Host: server:123
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0
Accept: /
Accept-Language: en,en-US;q=0.8,es-ES;q=0.5,es;q=0.3
Accept-Encoding: gzip, deflate, br, zstd
Sec-WebSocket-Version: 13
Origin: https://server:123
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: d5lxxxxxxxxxLgw==
DNT: 1
Sec-GPC: 1
Connection: keep-alive, Upgrade
Cookie: xxxxxxxx
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
The response I see is...
Alt-Svc
h3=":36432"; ma=2592000
Connection
Upgrade
Sec-Websocket-Accept
mFjUUgIgqJ334324233323=
Server
Caddy << --- this is what I want to hide/remove
Upgrade
websocket
3. Caddy version:
2.6.2
4. How I installed and ran Caddy:
via apt
a. System environment:
Ubuntu 24.04 LTS
b. Command:
N/A
c. Service/unit/compose file:
N/A
d. My complete Caddy config:
I can’t fully share it 
but I remove the Caddy signature on http(s) petitions with:
server:123 {
header -Server
}
That is working flawlessly
5. Links to relevant resources:
N/A