I completely understand your scenario and points. Our product engineering has been evaluating the feature request (or / for any short-term possibilities); however, there is no concrete info/ETA to share.
Just to highlight more on the alternate solution:
1. App Gateway is the correct service to solve this problem. It has the capability to completely remove the “Server” response header from responses and will not reveal even the server version of the proxy itself. The security scans will be successful at this point.
2. App Gateway is a regional service capable of hosting up to 100 endpoints. It would be one App Gateway per region per 100 sites behind the reverse proxy.
Depending on the scenario/requirement - although I certainly understand this alone costs overhead and maintenance effort and may not be a suitable option for every case.
3. App Service product group is considering this feature and may have an update soon, although there is no concrete ETA.
Kindly consider upvoting this feature request: remove server header from the front end servers
4. It is not currently possible to implement a custom error page instead of the default “Azure 404” or similar pages.
Feature request for custom 403 or 503 - Kindly up-vote this feature request.