Opened on 04/10/2014 at 06:37:58 PM
Closed on 04/23/2014 at 10:32:20 AM
#300 closed change (fixed)
Don't expose nginx version number in headers
Reported by: | trev | Assignee: | trev |
---|---|---|---|
Priority: | P3 | Milestone: | |
Module: | Infrastructure | Keywords: | |
Cc: | Blocked By: | ||
Blocking: | Platform: | ||
Ready: | yes | Confidential: | no |
Tester: | Verified working: | no | |
Review URL(s): |
Description
Background
Currently the Server HTTP header contains the full nginx version number, this is considered not ideal security-wise.
What to change
Add server_tokens directive to nginx configuration.
Attachments (0)
Change History (4)
comment:1 Changed on 04/14/2014 at 06:37:58 AM by trev
- Review URL(s) modified (diff)
- Status changed from new to reviewing
comment:2 Changed on 04/14/2014 at 06:38:13 AM by trev
- Owner set to trev
- Status changed from reviewing to assigned
comment:3 Changed on 04/14/2014 at 06:38:20 AM by trev
- Status changed from assigned to reviewing
comment:4 Changed on 04/23/2014 at 10:32:20 AM by trev
- Resolution set to fixed
- Status changed from reviewing to closed
Note: See
TracTickets for help on using
tickets.
Fixed: https://hg.adblockplus.org/infrastructure/rev/78ca37941015