I am not sure if this is the right sub, but yesterday I was having some issues with login with my user and was getting 403 error if I am not wrong and noticed that the NGINX version is exposed, which is a bad practice.
So if someone from the admins of Lemmy.world see this message, maybe they can change the NGINX config and hide the version flag by setting “server_tokens off;”.
This really should be the default behavior, IMO.
deleted by creator
My pet theory is that NGINX was designed by a pen-tester who realized that all they needed to do to make the majority of SMBs expose their web servers to the internet was outperform Apache
They’re not THAT bad…
Besides, the distro packager could also do something about it.