I am not sure if this is the right sub, but yesterday I was having some issues with login with my user and was getting 403 error if I am not wrong and noticed that the NGINX version is exposed, which is a bad practice.

So if someone from the admins of Lemmy.world see this message, maybe they can change the NGINX config and hide the version flag by setting “server_tokens off;”.

You are viewing a single thread.
View all comments
49 points

This really should be the default behavior, IMO.

permalink
report
reply
35 points
*
Deleted by creator
permalink
report
parent
reply
21 points

My pet theory is that NGINX was designed by a pen-tester who realized that all they needed to do to make the majority of SMBs expose their web servers to the internet was outperform Apache

permalink
report
parent
reply
0 points

They’re not THAT bad…

Besides, the distro packager could also do something about it.

permalink
report
parent
reply

General Discussion

!general@lemmy.world

Create post

Welcome to Lemmy.World General!

This is a community for general discussion where you can get your bearings in the fediverse. Discuss topics & ask questions that don’t seem to fit in any other community, or don’t have an active community yet.


🪆 About Lemmy World

🧭 Finding Communities

Feel free to ask here or over in: !lemmy411@lemmy.ca!

Also keep an eye on:

For more involved tools to find communities to join: check out Lemmyverse!


💬 Additional Discussion Focused Communities:

Rules

Remember, Lemmy World rules also apply here.
  1. See: Rules for Users.
  2. No bigotry: including racism, sexism, homophobia, transphobia, or xenophobia.
  3. Be respectful. Everyone should feel welcome here.
  4. Be thoughtful and helpful: even with ‘silly’ questions. The world won’t be made better by dismissive comments to others on Lemmy.
  5. Link posts should include some context/opinion in the body text when the title is unaltered, or be titled to encourage discussion.
  6. Posts concerning other instances’ activity/decisions are better suited to !fediverse@lemmy.world or !lemmydrama@lemmy.world communities.
  7. No Ads/Spamming.
  8. No NSFW content.

Community stats

  • 873

    Monthly active users

  • 563

    Posts

  • 11K

    Comments