174
submitted 10 months ago by [email protected] to c/[email protected]

I am not sure if this is the right sub, but yesterday I was having some issues logging in with my user and was getting a 403 error, if I am not wrong, and noticed that the NGINX version is exposed, which is a bad practice.

So if someone from the admins of Lemmy.world sees this message, maybe they can change the NGINX config and hide the version flag by setting "server_tokens off;".
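
An added example, not part of the original post and not Lemmy.world's own configuration: a small Python audit that reports where an nginx config would still send its version, plus a check of a Server header value. The sample configs, the header value and the function names are constructed for illustration.

```python
import re
# Constructed sample configs for illustration (not from any real server).
DEFAULT_CONF = """
http {
    # server_tokens off;   (commented out, so the default "on" applies)
    server { listen 80; server_name example.test; }
}
"""
OVERRIDE_CONF = """
http {
    server_tokens off;
    server {
        location /status { server_tokens on; }
    }
}
"""

def audit_server_tokens(conf_text):
    """Return (context, value) pairs where nginx would still send its version."""
    # Simplified parser: ignores include files and quoted '#', '{', '}' or ';'.
    text = re.sub(r"#[^\n]*", "", conf_text)      # strip comments
    stack, findings, http_level_set = [], [], False
    for head, delim in re.findall(r"([^{};]*)([{};])", text):
        words = head.split()
        if delim == "{":
            stack.append(" ".join(words))         # entering a block
        elif delim == "}":
            del stack[-1:]                        # leaving a block
        elif words and words[0] == "server_tokens":
            value = words[1] if len(words) > 1 else ""
            if stack == ["http"]:
                http_level_set = True
            if value != "off":                    # "on" and "build" both expose it
                findings.append((" > ".join(stack), value))
    if not http_level_set:
        # No http-level directive: nginx defaults to server_tokens on.
        findings.insert(0, ("http", "on (default)"))
    return findings

def disclosed_version(server_header):
    """Return the nginx version found in a Server header value, else None."""
    match = re.search(r"nginx/(\d+(?:\.\d+)*)", server_header or "")
    return match.group(1) if match else None

if __name__ == "__main__":
    print(audit_server_tokens(DEFAULT_CONF), audit_server_tokens(OVERRIDE_CONF))
    # Constructed header values: with and without a version token.
    print(disclosed_version("nginx/1.25.1"), disclosed_version("nginx"))
```

An empty list from `audit_server_tokens` means the directive is off at the http level and no nested block turns it back on.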

[-] [email protected] 49 points 10 months ago

This really should be the default behavior, IMO.

[-] [email protected] 49 points 10 months ago

Thanks for the tip, I changed it.

[-] [email protected] 36 points 10 months ago* (last edited 10 months ago)

They likely won't see this unless you tag them or cross post to [email protected]

That said, I suspect the version is what's standard in the docker image, so hidden or not, it's easy to discover.

Edit: on the other hand, does the latest nginx get pulled at time of creation?

[-] [email protected] 9 points 10 months ago

Edit: on the other hand, does the latest nginx get pulled at time of creation?

It depends on how you have your docker compose file set up. If you pin the version, no, it's never going to get updated unless a new version with that exact tag is released. If you omit the tag, it's going to default to whatever is tagged as latest in the image repository, and that's only going to actually update the image when you either manually pull the image or relaunch the compose stack.

If you want it to auto-update without relaunching the stack or manually pulling the latest image, you'd have to set up something like Watchtower and have it monitor that container.

[-] [email protected] 8 points 10 months ago

Ugh, I didn't know, thanks for tagging them.

[-] [email protected] 5 points 10 months ago

I didn't tag anyone--it's a link to the support community. If you don't get any traction in a day or so, you can look at some of the names of admins posting in there and tag them with "@[email protected]"

[-] [email protected] 7 points 10 months ago
[-] [email protected] 6 points 10 months ago

Huh, it sure did. Neat!

[-] [email protected] 2 points 10 months ago

@JackbyDev @s38b35M5 @TheSpookiestUser completely off topic Jackby: your avatar kicks ass!

[-] [email protected] 3 points 10 months ago

Does this actually work to notify someone on Lemmy?

[-] [email protected] 4 points 10 months ago

@user@instance is how you're supposed to mention a user. There is a space in the inbox for mentions so I assume it works.

[-] [email protected] 3 points 10 months ago

I clicked on the link but I can't contact or write them anything.

[-] [email protected] 16 points 10 months ago

Might as well hide the version, but if someone is going to try an exploit, they'll just try it and see whether it works.

[-] [email protected] 18 points 10 months ago

Yeah, this post is giving me "security through obscurity" vibes.

[-] [email protected] 10 points 10 months ago

Obscuring version numbers is best practice. Trying exploits isn't always trivial and by knowing the exact version number of the software it can be made a whole lot easier. Good post by OP though I do think it should've been a DM to Ruud.

this post was submitted on 18 Jul 2023
174 points (96.8% liked)
