Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Disable Server Signature #23

Closed
askmatey opened this Issue · 3 comments

2 participants

@askmatey

This is a request for a Cherokee enhancement...

In Cherokee Admin:

General Settings > Server Tokens (pull down)

Provide a field for NONE.

Have Cherokee feed back a blank server identification or do not send field
at all if NONE is set.

@skinkie
Collaborator

This has nothing to do with security. A patch that implements this can be found here:

skinkie@1d6ff06

@skinkie skinkie closed this
@askmatey

Of course it does - it gives me the ability, to prevent my servers from any sniffing bots. They need to go harder !

@skinkie
Collaborator

Like Alvaro commented: there are numerous ways to fingerprint a webserver. This is security by obscurity.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.