-
Notifications
You must be signed in to change notification settings - Fork 800
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fail PCI Compliance due to "Nothing here yet" page as default on ip address #756
Labels
Comments
Nginx config is completely customizable if you really need it:
Now you can change the server to return whatever page you want - or redirect to another page. It's just an nginx config. Feel free to comment if this is not clear. |
This was referenced Sep 26, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
My question is, is there a way to have a default app show up other than the "Nothing here yet" page when accessing the IP address? And can this be accomplished without messing up the Let's Encrypt functionality, or without blocking access to captain.root.domain.com?
I have apps deployed properly and working, but when I try to pass PCI compliance with a network vulnerability scan on my web app URL (ie myappname.root.domain.com), the test actually goes to the IP address of my URL, which ends up at the "Nothing here yet" page. This gives a number of compliance failures due to it hitting the caprover ssl certificate instead of my app's Let's Encrypt certificate. The validation failures include SSL validity length (the caprover SSL certificate is valid until 2029 which is too long), the SSL certificate is self-signed, there is no HTTP Security Header detected (on both 80 and 443), the signature verification failed (not trusted Certificate Authority), and Improper Certificate Usage. Also it says there are non-compliant external links (caprover.com) which comes from the "Read Docs" button on the page.
Thanks!
The text was updated successfully, but these errors were encountered: