Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Server header in Response #89

Open
willk opened this issue Jan 5, 2024 · 0 comments
Open

Server header in Response #89

willk opened this issue Jan 5, 2024 · 0 comments
Labels
opsec

Comments

@willk
Copy link
Contributor

willk commented Jan 5, 2024

From SAR

I noticed some of your nginx/openresty web servers return server headers:

HTTP/1.1 403 Forbidden
Server: openresty/1.19.3.1

Generally, I flag this as limited unless it can be exploited (not to
mention it looks up to the latest release). I'm not sure if this is
intentional but just recommend configuring nginx/openresty to not return
the Server header.
@devzspy devzspy added the opsec label Aug 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
opsec
Projects
Feature Release
Status: Backlog
Milestone
No milestone
Development

No branches or pull requests
2 participants
@willk @devzspy