Closed maverickvn360 closed 4 years ago
The default key is only for local development. We don't treat it secure.
@Ajwani97 This server designed to work for local development only. For public web server consider to use nginx.
Thanks for clarification.. 🙂
Hello there, I was searching for leaks using scanners and yours popped up..
I can't mention the location of the same.. But there's a key leak which can allow an attacker to get plaintext from a cipher text..
Please consider an alternative way of storing the key
Thanks