Need to fix “web server internal ip address/internal network name disclosure vulnerability

Discussion in 'Linux' started by Sebastian Ostrowski, Jun 8, 2019.

  1. Sebastian Ostrowski

    Sebastian Ostrowski New Member

    Joined:
    Jun 8, 2019
    Messages:
    1
    Likes Received:
    0
    Recently a network scan came back with a vulnerability regarding the web server internal name disclosure. I need to fix this but not sure how. In WIndows we would need to modify the IIS.With Linus I believe it some attribute. I am relatively new to Nginx so I would need a step by step . Thanks
     
  2. David

    David Administrator
    Staff Member

    Joined:
    Dec 1, 2015
    Messages:
    673
    Likes Received:
    15
    In in LF appliance you don't need to edit the nginx settings in the console. Also changes in the nginx cfg files are Not recommended because could be rewritten during some next LF update.
    For this need, you can enable "Force Hostname in All URLs" option in the web interface "Admin > System > Hostname & Public URL" configuration.

    Also please ensure your LF server is running now (2019-06) on v3.3.10
     

Share This Page