Closed claudijd closed 6 years ago
I believe the header complaints are false positives...
Cache-control: no-store Pragma: no-cache
^^^ is set on all the paths listed above.
I'm not concerned about the cipher selections as they stand, so I'm closing this.
We had a vulnerability assessment performed on ssh_scan_api. The results were relatively benign, but I'm creating an issue to track the findings...
WARN-NEW: Incomplete or No Cache-control and Pragma HTTP Header Set [10015] x 3 https://sshscan.rubidus.com/ https://sshscan.rubidus.com/robots.txt https://sshscan.rubidus.com