Runbook

ETag Header Server Information Leak Protection for Nginx Server.

Back to Runbooks

Overview

This incident type involves protecting an Nginx server from Server Information Leak through the use of ETag header. This is done to prevent sensitive server information from being disclosed to unauthorized parties. The ETag header allows for the identification of resources that have changed. By protecting the ETag header, the server can prevent attackers from gaining access to sensitive information that could potentially be used to compromise the server or its resources.

Parameters

Debug

Check if the Nginx server is running.

Check the Nginx configuration file for the Etag header.

Check the Nginx access logs for signs of Etag header leaks.

Use curl to check if the server is leaking Etag header information.

Repair

Disable ETag header in the Nginx server configuration file to prevent its disclosure.

Learn more

Related Runbooks

Check out these related runbooks to help you debug and resolve similar issues.