Gixy warning on your proposed nginx reverse proxy settings
pbsds opened this issue · comments
Peder Bergebakken Sundt commented
Output from gixy, a nginx config linter:
==================== Results ===================
>> Problem: [host_spoofing] The proxied Host header may be spoofed.
Description: In most cases "$host" variable are more appropriate, just use it.
Additional info: https://github.com/yandex/gixy/blob/master/docs/en/plugins/hostspoofing.md
Pseudo config:
server {
server_name webdav.foobar.pbsds.net;
location / {
proxy_set_header Host $http_host;
}
}
==================== Summary ===================
Total issues:
Unspecified: 0
Low: 0
Medium: 1
High: 0