Closed franbuehler closed 9 months ago
This PR adds the nginx directive server_tokens to our nginx images and solves part 2 of issue #143.
server_tokens
Full plan: https://github.com/coreruleset/modsecurity-crs-docker/pull/151#issuecomment-1705366720
Tested with curl: set to off(default): < Server: nginx
off
< Server: nginx
Tested: set to on(via docker-compose): < Server: nginx/1.24.0
on
< Server: nginx/1.24.0
Btw: nginx seems to override the server response header set by the backend in a reverse proxy mode. Apache doesn't do that: https://github.com/coreruleset/modsecurity-crs-docker/pull/151#issuecomment-1678991011
This PR adds the nginx directive
server_tokens
to our nginx images and solves part 2 of issue #143.Full plan: https://github.com/coreruleset/modsecurity-crs-docker/pull/151#issuecomment-1705366720
Tested with curl: set to
off
(default):< Server: nginx
Tested: set to
on
(via docker-compose):< Server: nginx/1.24.0
Btw: nginx seems to override the server response header set by the backend in a reverse proxy mode. Apache doesn't do that: https://github.com/coreruleset/modsecurity-crs-docker/pull/151#issuecomment-1678991011