Nginx Security Hardening and Rules
Maxim Dounin
mdounin at mdounin.ru
Mon Oct 20 18:22:58 UTC 2014
Hello!
On Mon, Oct 20, 2014 at 07:24:27PM +0200, Stefanita Rares Dumitrescu wrote:
>
> On 20/10/2014 07:46, Maxim Dounin wrote:
> >I always wonder why people think that hiding versions improves
> >security.
> >
> >http://en.wikipedia.org/wiki/Security_through_obscurity
> >
> >
> Usually this is done as a preventive measure against 0days if you're not
> around to fix stuff for instance. Automated scanners will scan for a certain
> version. If it's not available, you have a time buffer when you can patch
> your stuff, without popping on automated scanners.
Assuming that you'll have a time buffer is a catch. You won't.
And the worst thing is that your own automated scanners won't be
able to notify you about known problems if there are any.
--
Maxim Dounin
http://nginx.org/