I am not sure if this is the right sub, but yesterday I was having some issues with login with my user and was getting 403 error if I am not wrong and noticed that the NGINX version is exposed, which is a bad practice.

So if someone from the admins of Lemmy.world see this message, maybe they can change the NGINX config and hide the version flag by setting “server_tokens off;”.

    • @half
      link
      211 year ago

      My pet theory is that NGINX was designed by a pen-tester who realized that all they needed to do to make the majority of SMBs expose their web servers to the internet was outperform Apache

    • @Sir_Simon_Spamalot
      link
      01 year ago

      They’re not THAT bad…

      Besides, the distro packager could also do something about it.