Mask/hide the nginx and PHP versions of site from response headers.
CWE-200 -
risk: low
tech details: server leaks technology stack info in response headers:
Server: nginx/1.15.5
X-Powered-By: PHP/7.0.29
vulnerability: Access to such information may facilitate attackers identifying other frameworks/components your web application is reliant upon and the vulnerabilities such components may be subject to.
rtudvasev
commented
4 years ago
Mask/hide the nginx and PHP versions of site from response headers.
CWE-200 - risk: low tech details: server leaks technology stack info in response headers:
Server: nginx/1.15.5 X-Powered-By: PHP/7.0.29
vulnerability: Access to such information may facilitate attackers identifying other frameworks/components your web application is reliant upon and the vulnerabilities such components may be subject to.