Nginx Security Hardening and Rules

Maxim Dounin mdounin at
Mon Oct 20 18:22:58 UTC 2014


On Mon, Oct 20, 2014 at 07:24:27PM +0200, Stefanita Rares Dumitrescu wrote:

> On 20/10/2014 07:46, Maxim Dounin wrote:
> >I always wonder why people think that hiding versions improves
> >security.
> >
> Usually this is done as a preventive measure against 0days if you're not
> around to fix stuff for instance. Automated scanners will scan for a certain
> version. If it's not available, you have a time buffer when you can patch
> your stuff, without popping on automated scanners.

Assuming that you'll have a time buffer is a catch.  You won't.  
And the worst thing is that your own automated scanners won't be 
able to notify you about known problems if there are any.

Maxim Dounin
