Introduce a flag to disable the default home page
JDA88 opened this issue · comments
JDA88 commented
Multiple security audits got triggered on our company because they found the windows exporter service responded with an html page at the root and exposed the endpoint from there (/metrics
, /health
, /version
)
Even though I’m not a big fan of security by obfuscation maybe introducing a flag to disable the home page (/
) could make sense and make the exporter less visible in enterprise environment.