Nginx Security Hardening and Rules
mdounin at mdounin.ru
Mon Oct 20 18:22:58 UTC 2014
On Mon, Oct 20, 2014 at 07:24:27PM +0200, Stefanita Rares Dumitrescu wrote:
> On 20/10/2014 07:46, Maxim Dounin wrote:
> >I always wonder why people think that hiding versions improves
> Usually this is done as a preventive measure against 0days if you're not
> around to fix stuff for instance. automated scanners will scan for a certain
> version. If it's not available, you have a time buffer when you can patch
> your stuff, without popping on automated scanners.
Assuming that you'll have a time buffer is a catch. You won't.
And the worst thing is that your own automated scanners won't be
able to notify you about known problems if there are any.
More information about the nginx