Version Disclosure (NginX)
Unknown
Vulnerability Details
Hi,
I found a version disclosure (Nginx) in your web server's HTTP response.
### Extracted Version: 1.8.0
This information might help an attacker gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of Nginx.
# Impact
An attacker might use the disclosed information to harvest specific security vulnerabilities for the version identified.
Add the following line to your nginx.conf file to prevent information leakage from the SERVER header of its HTTP response:
server_tokens off;
# POC:
Check out the header response:
HTTP/1.1 302 Found
Cache-Control: private, must-revalidate
Connection: keep-alive
Date: Mon, 19 Oct 2015 14:28:01 GMT
**Server: nginx/1.8.0**
Vary: Host
Location: https://maximum.com
pragma: no-cache
expires: -1
Set-Cookie: ████████
X-Frame-Options: sameorigin
X-Content-Type-Options: nosniff
Content-Length: 320
Content-Type: text/html; charset=UTF-8
Thanks,
Report Stats
- Report ID: 94610
- State: Closed
- Substate: resolved
- Upvotes: 39
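
A check for the header this report flags, as an added example that is not part of the original report: it parses a raw response head and lists product/version tokens in the `Server` header, so the effect of `server_tokens off;` can be verified. The `X-Powered-By` header, the function names and both sample responses are assumptions constructed for illustration.

```python
import re

# Product token followed by a version, e.g. "nginx/1.8.0" (RFC 9110 product/version).
PRODUCT_VERSION = re.compile(r"([A-Za-z0-9!#$%&'*+.^_`|~-]+)/(\d[\w.\-+~]*)")

# Headers audited here; only Server appears in the report, X-Powered-By is an assumption.
AUDITED_HEADERS = ("server", "x-powered-by")


def parse_headers(raw_response):
    """Split a raw HTTP response head into (status_line, [(name, value), ...])."""
    head = raw_response.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = [ln for ln in head.split("\n") if ln.strip()]
    status_line, headers = lines[0], []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # skip malformed lines that carry no colon
            headers.append((name.strip().lower(), value.strip()))
    return status_line, headers


def find_version_disclosure(raw_response):
    """Return [(header, product, version)] for audited headers exposing a version."""
    _, headers = parse_headers(raw_response)
    findings = []
    for name, value in headers:
        if name in AUDITED_HEADERS:
            for product, version in PRODUCT_VERSION.findall(value):
                findings.append((name, product, version))
    return findings


# Constructed samples: BEFORE mirrors the Server header shown in the report,
# AFTER is what nginx sends with "server_tokens off;" (product name, no version).
BEFORE = ("HTTP/1.1 302 Found\r\nDate: Mon, 19 Oct 2015 14:28:01 GMT\r\n"
          "Server: nginx/1.8.0\r\nContent-Length: 320\r\n\r\n")
AFTER = ("HTTP/1.1 302 Found\r\nDate: Mon, 19 Oct 2015 14:28:01 GMT\r\n"
         "Server: nginx\r\nContent-Length: 320\r\n\r\n")

if __name__ == "__main__":
    for label, sample in (("before", BEFORE), ("after", AFTER)):
        print(label, find_version_disclosure(sample) or "no version disclosed")
```

With `server_tokens off;` nginx still sends `Server: nginx`, so the product name remains visible and only the version is withheld.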