fix[security]: Disable server_tokens for React nginx

cvat-ai · May 2, 2024 · 3c84acb · 3c84acb
1 parent 3b62fe2
commit 3c84acb
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/cvat-ui/react_nginx.conf b/cvat-ui/react_nginx.conf
@@ -1,6 +1,11 @@
 server {
     root /usr/share/nginx/html;
 
+    # Disable server signature to make it slighty harder for
+    # attackers to find known vulnerabilities. See
+    # https://datatracker.ietf.org/doc/html/rfc9110#name-server
+    server_tokens off;
+
     gzip on;
     gzip_comp_level 6;
     gzip_http_version 1.1;