Is it possible to overwrite "server name" response header in traefik? - nginx

I'm setting up a new server with Traefik (version 1.7.10) for load balancing different NGINX and PHP-FPM containers.
Currently visitors can see in the response header that my containers are using NGINX. Where can I globally, for all containers, overwrite the server response header to something else (like "FunnyServer")?
With HAProxy I have done this in the past and am wondering how to do this with Traefik.
Here you see the response coming from HAProxy:
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=utf-8
date: Wed, 17 Apr 2019 20:20:15 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: MonkeysBananaServer <===== WITH HAPROXY!!! Traefik???
set-cookie: PHPSESSID=1234567890abcdef; path=/; domain=.xxx.xx
status: 200
x-powered-by: PHP/x.x.x
As you can see, under HAProxy I have set the response header to "MonkeysBananaServer".

For those who use version 2.0 and have the same question:
- "traefik.http.middlewares.secure-headers.headers.customresponseheaders.x-powered-by=SomeThing/9.7.2"
- "traefik.http.routers.custom_router_name.middlewares=secure-headers"

You can override the response headers:
traefik.frontend.headers.customResponseHeaders=server:FunnyServer
https://docs.traefik.io/configuration/backends/docker/#custom-headers

Related

Odd cookie set by WordPress installed in a sub directory

I want to install & configure my WordPress site in /journal like:
https://example.com/journal/
After my installation, when I try to access /wp-admin, they say cookie settings haven't been configured within my browser and I fail to log in. When I hit curl:
$ curl -I localhost/journal/wp-login.php
HTTP/1.1 200 OK
Date: Tue, 13 Feb 2018 12:02:28 GMT
Server: Apache/2.4.6 (Amazon Linux 2) PHP/7.2.0
X-Powered-By: PHP/7.2.0
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Set-Cookie: wordpress_test_cookie=WP+Cookie+check; path=/journal/journal/; secure
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
I suppose the cookie path being /journal/journal/ is the reason I can't log in properly. What kind of additional configuration is needed to set my cookies properly?

HTTP caching does not work

Opening the same URL from the browser, the server returns the header below.
Repeating the request, why does it always give HTTP 200 instead of 304?
Any idea?
HTTP/1.1 200 OK
Server: Cowboy
Connection: keep-alive
X-Powered-By: Express
Content-Type: text/html
Cache-Control: public, max-age=600
Date: Sat, 07 Nov 2015 04:41:50 GMT
Transfer-Encoding: chunked
Via: 1.1 vegur

IIS 7.5 revealing internal servers IP address on 302 redirect

I'm having trouble eradicating a potential security vulnerability. When I run this command:
printf "GET / HTTP/1.0\r\n\r\n" | nc 11.11.11.11 80
(replaced the ip address)
I get a response of:
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://192.168.212.11/account/login.aspx
x-frame-options: SAMEORIGIN
Date: Thu, 20 Nov 2014 14:45:29 GMT
Connection: close
Content-Length: 158
As you can see, the response contains the internal IP address of the server, and I cannot work out how to resolve this.
Any help would be amazing as this is driving me insane.
Thanks
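A check for the two disclosures discussed on this page, a product/version string in `Server` or `X-Powered-By` and an internal address in a redirect `Location`, written as an added example that is not part of the original posts. The function names are hypothetical, the sample response is constructed from header lines quoted on this page, and CRLF line endings are assumed.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed sample: the 302 response from the IIS question plus the
# Server / X-Powered-By lines from the Apache response quoted on this page.
SAMPLE = (
    "HTTP/1.1 302 Found\r\n"
    "Server: Apache/2.4.6 (Amazon Linux 2) PHP/7.2.0\r\n"
    "X-Powered-By: PHP/7.2.0\r\n"
    "Location: https://192.168.212.11/account/login.aspx\r\n"
    "Content-Length: 158\r\n"
    "\r\n"
)

VERSION_RE = re.compile(r"/\d+(\.\d+)*")  # "/<digits>[.<digits>...]" after a product name


def parse_headers(raw):
    """Return (lowercased name, value) pairs from a raw response head."""
    head = raw.split("\r\n\r\n", 1)[0]
    pairs = []
    for line in head.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs


def audit(raw):
    """List findings for headers that disclose software or internal hosts."""
    findings = []
    for name, value in parse_headers(raw):
        if name in ("server", "x-powered-by") and VERSION_RE.search(value):
            findings.append(f"{name}: version disclosed ({value})")
        elif name == "location":
            host = urlsplit(value).hostname or ""
            try:
                if ipaddress.ip_address(host).is_private:
                    findings.append(f"location: internal address {host}")
            except ValueError:
                pass  # a hostname, not an IP literal
    return findings
```

Run against a response captured after the proxy override, it shows whether a rewritten `Server` value still leaves a versioned `X-Powered-By` behind.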

Weird HTTP Response Arduino

So, I wrote a program that is supposed to connect to a server, and it returns the time. It works on my server, but when I tried to use it on another server, it responds oddly. Here is the response from my server:
HTTP/1.1 200 OK
Date: Tue, 07 Jan 2014 00:06:20 GMT
Server: Apache/2.2.22 (Debian)
X-Powered-By: PHP/5.4.4-14+deb7u5
Set-Cookie: PHPSESSID=jlscamqbddtqibf9j7m0fu27p5; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Length: 6
Connection: close
Content-Type: text/html
4:06pm
which works great. Now here is the response from the other server (doesn't work):
HTTP/1.1 200 OK
Date: Tue, 07 Jan 2014 00:06:34 GMT
Server: Apache
Set-Cookie: PHPSESSID=krlqmoqgpiqm9b9u27agup53c7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Connection: close
Content-Type: text/html
6
4:06pm
0
As you can see, I'm getting some weird stuff before and after the expected response. The code on the server is exactly the same. And the code on the Arduino is the same except for a couple of strings.
Here is a pastebin of the code I am using: http://pastebin.com/TFF5h2Gw
Sorry there aren't a lot of comments and it's kinda jumbled together. I omitted a little bit of code that is used by other stuff that I haven't even gotten to test yet because I can't even get the time.
What you are seeing is a chunk-encoded response. That is okay as all HTTP/1.1 capable clients are supposed to understand this transport encoding. What is weird is that the server is not explicitly marking the response as being chunk-encoded (this is usually done via the Transfer-Encoding: chunked header).
A quick way to get rid of this is to issue an HTTP/1.0 request.
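The chunk framing described in the answer above, decoded step by step. This is an added example, not code from the question's pastebin or from the answer; `decode_chunked` is a hypothetical name and the sample body is constructed from the `6` / `4:06pm` / `0` lines of the second response.

```python
HEX_DIGITS = b"0123456789abcdefABCDEF"

# Constructed sample: the body of the second response as it appears on the wire.
SAMPLE_BODY = b"6\r\n4:06pm\r\n0\r\n\r\n"


def decode_chunked(body: bytes) -> bytes:
    """Decode an HTTP/1.1 chunked body; raise ValueError if it is malformed."""
    out = bytearray()
    pos = 0
    while True:
        eol = body.find(b"\r\n", pos)
        if eol < 0:
            raise ValueError("missing CRLF after chunk size")
        # The size is hexadecimal; anything after ';' is a chunk extension.
        size_token = body[pos:eol].split(b";", 1)[0].strip()
        if not size_token or any(c not in HEX_DIGITS for c in size_token):
            raise ValueError(f"bad chunk size {size_token!r}")
        size = int(size_token, 16)
        pos = eol + 2
        if size == 0:
            return bytes(out)  # last chunk; any trailer fields are ignored
        chunk = body[pos:pos + size]
        # Each chunk must be exactly `size` bytes and be followed by CRLF.
        if len(chunk) != size or body[pos + size:pos + size + 2] != b"\r\n":
            raise ValueError("truncated chunk or missing CRLF after data")
        out += chunk
        pos += size + 2
```

The strict size check rejects signs, `0x` prefixes and underscores that Python's `int()` would otherwise accept, so the decoder never reads a length the sender did not write as plain hex.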

How to crawl a wordpress blog?

I wrote a C program to crawl blogs. It works well until it meets this blog: www.ipujia.com. I send the HTTP request:
GET http://www.ipujia.com/ HTTP/1.0
to the website and get the response as below:
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Feb 2011 13:15:26 GMT
Server: Apache/2.2.16 (Unix) mod_ssl/2.2.16 OpenSSL/0.9.8e-fips-rhel5 mod_auth_passthrough/2.1 mod_bwlimited/1.4 FrontPage/5.0.2.2635 mod_perl/2.0.4 Perl/v5.8.8
X-Powered-By: PHP/5.2.14
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Pragma: no-cache
Last-Modified: Sun, 27 Feb 2011 13:15:27 GMT
Location: http://http/www.ipujia.com/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
This is strange because I cannot get the index page following the Location. Does anyone have any ideas?
The Location field in the response contains a malformed URI.
Location: http://http/www.ipujia.com/ (notice the protocol error)
Should be
Location: http://www.ipujia.com/
Unless you are in control of the server there is little you could do here.
To solve it, could you not parse the "Location" response and attempt to extract a valid URI from it?
