Open xiaomuwu831 opened 2 years ago
in src/html-error.c, remove this line
"Server: %s/%s\r\n"
and below it, replace
code, message, PACKAGE, VERSION,
with
code, message,
you might also want to patch similar line in src/utils.c "Server: " PACKAGE "/" VERSION,
generally i think it's bad practice for internet services to publish their exact version number, which makes it easy for hackers to target them for exploits. so maybe we should add something to disable this completely.
I installed the tinyproxy in ubuntu EC2. use command "apt-get install tinyproxy".
if I want to hide version information, Is it possible to modify executable files "/usr/sbin/tinyproxy" only?
it's theoretically possible with a hexeditor but since you'd need to compile anyway to see where the changes kick in, it's better to just compile it from source.
The tinyproxy version I am using is 1.11.0. I want to hide the version information of tinyproxy. like this:
curl -I localhost:8888
I want to hide "Server: tinyproxy/1.11.0".