Server info in SSL handshake?
E.B.
emailbuilder88 at yahoo.com
Fri Jun 19 13:10:32 UTC 2015
Sorry, I think false alarm. I think it happened when I
removed the port so listening on all ports and it caught
traffic to php-fpm immediately below the traffic from
the outside to nginx so it looked like the server info
was on port 443 but i think it was not.
--------------------------------------------
Subject: Server info in SSL handshake?
To: nginx at nginx.org
Hi, today I was watching traffic on
port 443 for other reasons
and I saw a line go by that had unusual information,
looking
a little bit like server info headers (I saw "nginx" and the
version
number and a couple other info I think maybe "REMOTE_ADDR"
or something like it). Its port 443 so it surprised me --
does
some server info leak out during the SSL handshake?
I saw it at least twice but now it isn't coming back and I
wasn't
able to capture it. :(
More information about the nginx
mailing list