Sorry, I think false alarm. I think it happened when I
removed the port so listening on all ports and it caught
traffic to php-fpm immediately below the traffic from
the outside to nginx so it looked like the server info
was on port 443 but i think it was not.
--------------------------------------------
Subject: Server info in SSL handshake?
To: nginx@nginx.org
Hi, today I was watching traffic on
port 443 for other reasons
and I saw a line go by that had unusual information,
looking
a little bit like server info headers (I saw "nginx" and the
version
number and a couple other info I think maybe "REMOTE_ADDR"
or something like it). Its port 443 so it surprised me --
does
some server info leak out during the SSL handshake?
I saw it at least twice but now it isn't coming back and I
wasn't
able to capture it. :(
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
removed the port so listening on all ports and it caught
traffic to php-fpm immediately below the traffic from
the outside to nginx so it looked like the server info
was on port 443 but i think it was not.
--------------------------------------------
Subject: Server info in SSL handshake?
To: nginx@nginx.org
Hi, today I was watching traffic on
port 443 for other reasons
and I saw a line go by that had unusual information,
looking
a little bit like server info headers (I saw "nginx" and the
version
number and a couple other info I think maybe "REMOTE_ADDR"
or something like it). Its port 443 so it surprised me --
does
some server info leak out during the SSL handshake?
I saw it at least twice but now it isn't coming back and I
wasn't
able to capture it. :(
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
