Hacker News

Even if used in production, isn't hiding the headers security through obscurity?


Maybe you should present headers from some older, more insecure server? Then any script using the Server headers to target specific vulnerabilities will be completely foiled!


Precise version information (in production) is probably not a good idea; obscuring the fact that you're insecure has obvious upsides.



