Hackers frequently use publicized security vulnerabilities, especially zero-day vulnerabilities—security flaws that have been made public in the last 24 hours. When someone publishes a zero-day vulnerability for a software component, hackers will immediately scan for web servers running the vulnerable software in order to exploit the security hole. To protect yourself from such threats, you should ensure that your web server doesn’t leak information about the type of software stack you’re running on. If you inadvertently advertise your server technology, you’re making yourself a target.

In this chapter, you’ll learn some common ...

Get Web Security for Developers now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.