Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Informasi Server Leaks via "X-Powered-By" Header Respon HTTP Field #187

Closed
pandigresik opened this issue Aug 11, 2023 · 1 comment
Closed

Informasi Server Leaks via "X-Powered-By" Header Respon HTTP Field #187

pandigresik opened this issue Aug 11, 2023 · 1 comment
Assignees
@pandigresik
Labels
security Keamanan
Milestone
M3 PBB 23.09

Comments

@pandigresik
Copy link

Deskripsi :
Server web/aplikasi membocorkan informasi melalui satu atau lebih header respon HTTP "X-Powered-By". Akses terhadap informasi semacam itu dapat mempermudah penyerang untuk mengidentifikasi kerangka/komponen lain yang bergantung pada aplikasi web Anda dan kerentanan komponen semacam itu dapat dikenai.

Bukti :
X-Powered-By: PHP/8.2.8 pada header

Rekomendasi :
Pastikan server web, server aplikasi, penyeimbang beban, dan lain-lain dikonfigurasi untuk menekan header "X-Powered-By".
@pandigresik pandigresik added the security Keamanan label Aug 11, 2023
@pandigresik pandigresik self-assigned this Aug 14, 2023
@pandigresik pandigresik added this to the M3 PBB 23.09 milestone Aug 14, 2023
@vickyrolanda
Copy link

Sudah diselesaikan di PR https://github.com/OpenSID/pbb_desa/pull/202

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pandigresik pandigresik

Labels
security Keamanan
Projects
None yet
Milestone
M3 PBB 23.09
Development

No branches or pull requests
2 participants
@pandigresik @vickyrolanda