Why does this give me a YSOD?

Question

I added the last two lines to Web.config in response to wagging fingers from the asafaweb (https://asafaweb.com/) report on my site:

  <system.web>
    <compilation debug="false" targetFramework="4.0" />
    <httpRuntime targetFramework="4.0" />
    <httpRuntime enableVersionHeader="false" />
    <customErrors mode="RemoteOnly" defaultRedirect="~/BooBoo" />
  </system.web>

...but had to comment out the "enableVersionHeader" one because of a YSOD.

This is the info asafaweb gave me that caused me to want to make that addition:

The address you entered is unnecessarily exposing the following response headers which divulge its choice of web platform: Server: Microsoft-IIS/7.5 X-Powered-By: ASP.NET X-AspNet-Version: 4.0.30319 Configuring the application to not return unnecessary headers keeps this information silent and makes it significantly more difficult to identify the underlying frameworks.

I then combined the two "httpRuntime" lines into one:

<httpRuntime targetFramework="4.0" enableVersionHeader="false" />

...but asafaweb still gives me the same warning. So what's the problem?

UPDATE

Based on the link in the comment, I added this:

...to Web.config, but then I got this YSOD:

HTTP Error 500.19 - Internal Server Error The requested page cannot be accessed because the related configuration data for the page is invalid.

Answer 1

IIRC the "X-Powered-By" header is not left out because of enableVersionHeader (it's not a version header).

Take a look at this discussion: How to remove IIS/ASP.NET Response Headers