It would be great to have the headers-more-nginx-module module added by default.
I'm currently using it on my docker image and it's useful because have all the default libs I need. However, after a couple of penetration testing reports I had been asked to remove the Server: nginx value from the response header.
I've added server_tokens off; to the nginx config to hide the version, but I need to use more_clear_headers Server; to completely remove the information. I can only do with this module apparently, unless there is another way.
Any recommendation would be great to solve the problem sooner than awaiting for an eventual update.
Thank you for the hard work.
Sam
It would be great to have the headers-more-nginx-module module added by default.
I'm currently using it on my docker image and it's useful because have all the default libs I need. However, after a couple of penetration testing reports I had been asked to remove the Server: nginx value from the response header.
I've added server_tokens off; to the nginx config to hide the version, but I need to use more_clear_headers Server; to completely remove the information. I can only do with this module apparently, unless there is another way.
Any recommendation would be great to solve the problem sooner than awaiting for an eventual update. Thank you for the hard work. Sam