Web Server Internal IP Address/Internal Network Name Disclosure Vulnerability

Hi,

I did QualysGuard scan and it says “Web Server Internal IP
Address/Internal Network Name Disclosure Vulnerability”. It suggest
for Apache, I need to:

For Apache Web Server:
Modify the Apache configuration file as follows:

  • Set “ServerName” to a proper FQDN.
    or
  • Use module mod_rewrite to modify the 3xx error message returned by the
    server.

So what I need to do in nginx to fix this issue? Thank you.

On Fri, May 27, 2011 at 09:24:09AM -0700, Mon Y. wrote:

or

  • Use module mod_rewrite to modify the 3xx error message returned by the server.

So what I need to do in nginx to fix this issue? Thank you.

If you proxy server via nginx, then probably something like this:

server {
server_name FQDN;

location / {
    proxy_pass      http://backend;
    proxy_redirect  http://FQDN/  http://backend/;
}

}


Igor S.

Sorry… FQDN = nginx server itself or the backend mail server?

Or, can you tell me how to change 3xx error message, since it might be
safer so it won’t break things?

Thank you.

On 28 May 2011 06:02, Mon Y. [email protected] wrote:

Sorry… FQDN = nginx server itself or the backend mail server?

nginx server. The full name you would access the site with from the
outsite.

Or, can you tell me how to change 3xx error message, since it might be
safer so it won’t break things?

http://wiki.nginx.org/HttpCoreModule#error_page

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs