Remove sensitive IIS headers

Issue description

IIS likes to "advertise" itself via the "Server" and "X-Powered-By" headers. This becomes a security concern, particularly when the "Server" header contains a version number.

ESTIMATE TBD

Steps to reproduce the issue

Open the browser's developer tools to the network tab.
Browse to a non-existent url in the API directory structure e.g. https://webapis.cancer.gov/glossary/v1/%2522ns%253D%2522netsparker%25280x0084D8%2529
In the developer tools, click on the request

What's the expected result?

The Server header's value should not contain "Microsoft-IIS/8.5" (we'll go with, it should say "WebAPI")
The X-Powered-By header should not exist.

What's the actual result?

The Server header contains the text "Microsoft-IIS/8.5"
The X-Powered-By header should not exist.

NCIOCPL / glossary-api

Remove sensitive IIS headers #145

Issue description

Steps to reproduce the issue

What's the expected result?

What's the actual result?

Additional details / screenshot