damiafaw
commented
3 years ago You just need to comment out the header which states SlickStack - its in the nginx.conf file add_header X-Powered-By "SlickStack";
Closed blakepb closed 3 years ago
damiafaw
commented
3 years ago You just need to comment out the header which states SlickStack - its in the nginx.conf file add_header X-Powered-By "SlickStack";
jessuppi
commented
3 years ago @damiafaw is correct, just comment out the Powered-By header in nginx.conf
Keep in mind this is one of the only ways that SlickStack promotes itself, so it does hurt our ability to grow if everyone starts hiding that they are using it. There are never any "versions" displayed, so security concerns are minimalized.
For these reasons I doubt we'd ever make it easier to remove that line.
Does anyone know how tools like Wappalyzer are identifying the fact that sites are using SlickStack? I assume there must be reference to SlickStack made somewhere within the HTTP header. Any way to easily hide this? I firmly believe that obscuring (or rather, not advertising) as much information about the stack which powers a website is best practice.