The initial issue #3810 was closed due to the release of greenlight 3. But the concern is still the same and still valid.
Telling every visitor the version number of greenlight without authentication is a security issue, because it tells the attacker valid and useful information.
my suggestion: move the version string in the login area for the administrators and remove it from the footer.
The initial issue #3810 was closed due to the release of greenlight 3. But the concern is still the same and still valid.
Telling every visitor the version number of greenlight without authentication is a security issue, because it tells the attacker valid and useful information.
my suggestion: move the version string in the login area for the administrators and remove it from the footer.