Remove Server header from responses
The HTTP Server header allows potential attackers to fingerprint the BMC
much more easily than they could otherwise, as the BMC essentially reports
its name to requests.
From section 7.4.2 of RFC7231:
"An origin server MAY generate a Server field in its responses."
This patchset changes bmcweb's position so that it will not publish the Server
field, as it does not contain useful data for the client.
It should be noted that it looks like OpenSSL was using the server name for
its connection ID. It's not clear this is correct, or desired, but I've
inlined the old value (to avoid changing behavior). Also, it was
missing a return code check, so I added it.
Tested:
Will verify in the webui (TBD)
Signed-off-by: Ed Tanous <ed@tanous.net>
Change-Id: Ieee6f15d8299e76517952514ff196008a563b63c
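The verification the "Tested" line leaves open can be done against captured responses rather than only in the web UI. The following is an added example, not code from this change or from the bmcweb project: it parses raw HTTP/1.1 responses (constructed samples, not real bmcweb output), reports whether a Server header is still being advertised, and shows the equivalent of the patch's effect by rebuilding a response with that header removed. Header matching is case-insensitive, as RFC 7230 requires for field names.

```python
"""Audit captured HTTP responses for an advertised Server header."""
from typing import Dict, List, Optional, Tuple

# Constructed sample responses (not real bmcweb output): one that
# advertises a server name and one that does not.
RESPONSE_WITH_SERVER = (
    "HTTP/1.1 200 OK\r\n"
    "Server: example-bmc/1.0\r\n"
    "Content-Type: application/json\r\n"
    "Content-Length: 2\r\n"
    "\r\n"
    "{}"
)
RESPONSE_WITHOUT_SERVER = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: application/json\r\n"
    "Content-Length: 2\r\n"
    "\r\n"
    "{}"
)


def parse_response(raw: str) -> Tuple[str, Dict[str, str], str]:
    """Split a raw HTTP/1.1 response into status line, header map and body.

    Field names are case-insensitive, so keys are stored lowercased.
    """
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status_line = lines[0]
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status_line, headers, body


def server_header(raw: str) -> Optional[str]:
    """Return the Server field value if the response advertises one, else None."""
    _, headers, _ = parse_response(raw)
    return headers.get("server")


def strip_server_header(raw: str) -> str:
    """Rebuild the response without its Server field (what the patch does server-side)."""
    head, sep, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    kept = [lines[0]] + [h for h in lines[1:] if not h.lower().startswith("server:")]
    return "\r\n".join(kept) + sep + body


def audit(responses: Dict[str, str]) -> List[str]:
    """Return the names of captured responses that still leak a Server field."""
    return [name for name, raw in responses.items() if server_header(raw) is not None]


if __name__ == "__main__":
    captures = {"before": RESPONSE_WITH_SERVER, "after": RESPONSE_WITHOUT_SERVER}
    for name in audit(captures):
        print(f"{name}: Server header present ({server_header(captures[name])})")
    print("after stripping:", server_header(strip_server_header(RESPONSE_WITH_SERVER)))
```

Feed `audit` the raw responses recorded from the BMC (for example with a proxy or `curl -i`) for each endpoint of interest; an empty list means no response is still advertising a server name.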