Web Server HTTP Header Information Disclosure

The via header is most frequently used to track when a request has to go through multiple proxies to get external.  It is informational and while it does "leak" information it is not considered particularly dangerous.

Please note that this header is added by the web proxy for browsers behind the firewall accessing websites on the internet.  It is not added if you are using the DPI engine.  It is not added for WAF (Web Application Firewall) for web servers that you are hosting.

You can safely disable this, and can turn it back on at any time.

The via header is most frequently used to track when a request has to go through multiple proxies to get external.  It is informational and while it does "leak" information it is not considered particularly dangerous.

Please note that this header is added by the web proxy for browsers behind the firewall accessing websites on the internet.  It is not added if you are using the DPI engine.  It is not added for WAF (Web Application Firewall) for web servers that you are hosting.

You can safely disable this, and can turn it back on at any time.

Thanks for your reply , 

Is there a safe mode action on Sophos firewall for rollback? 

for example Cisco has reboot as a command for rolling back and reloading, while Mikrotik has safe mode for rolling back. 

I'm not entirely sure what you mean by safe mode / rollback.

If you upgrade from one version to another, you can roll back to the old version.  XG has two partitions and can have two versions at a time.  You would also be booting back to the old database.

For normal configuration changes, there is no rollback.