How to hide the server version?
Marcos Neves
marcos.neves at gmail.com
Sat Jul 5 00:07:50 MSD 2008
But what if I change my token to an apache2 version?
How can somebody found that it´s nginx, and not apache, cherokee, lighttpd
or any other server?
On Fri, Jul 4, 2008 at 4:52 PM, Alan Williamson <alan at blog-city.com> wrote:
> Marcos Neves wrote:
>
>> Can you explain me why it´s not more secure?
>>
>
> because if someone is really that keen to attack you, they can quickly
> figure out which version you are running by running through a number of
> permutations, since nginx has only a limited version history.
>
> by process of elimination the would-be hacker would soon realise which
> version they would be trying to get into .
>
> --
> Alan Williamson
> Registrationless email/sms reminders: http://yourli.st/
> blog: http://alan.blog-city.com/
>
>
--
Marcos Neves
+55 44 3263-8132
+55 44 9918-8488
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20080704/96673cfe/attachment.html>
More information about the nginx
mailing list