We did a security review and found that requests to our self hosted instance, e.g. https://< ip-address >:3000 responded with X-Powered-By headers, which is a minor information leak. Wondering if there's a way to configure those to be removed?
Thanks so much!
Hey @Milo_Watanabe! Looks like our security team has been made aware of this and is working on removing this header. I can update this post when that code is live, but as a general timeline it looks like this should be out on Cloud in 1 - 2 weeks and on-premise versions in ~1month.
Wonderful. Thanks so much!
No problem, I believe this code will be released in the 3.30 on premise version coming out next week. Will confirm once it is live. Thanks!
@Milo_Watanabe This should be out in the 3.30.2 release, let me know if that isn't working for you. Thanks!