[SOLVED] Nessus Security Scan Fail - Internal IP in HTTP Header
As part of our company security policy we regularly run Nessus security scanner against our servers.
Our Zimbra OSS has failed on "HTTP Header Internal IP Disclosure" which basically means the internal 192.168.x.x IP of the server is being sent in the HTTP header. Tenable Network Security
On Tomcat we add a proxyName value to rewrite the header with the domain name.
But I don't know if this is possible with Jetty, or how it is done in the Zimbra Jetty.
Anyone any ideas?
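To reproduce what the Nessus "HTTP Header Internal IP Disclosure" finding is looking for before and after a proxyName-style change, here is a small self-contained check. It is an added example, not code from the thread, from Tenable or from Zimbra; the response headers it scans are constructed (the 192.168.10.5 and 10.0.0.12 values are made up), and the function names are my own.

```python
import ipaddress
import re

# Constructed sample HTTP response headers (not from the original thread).
# The Location header of a redirect is the classic place where a reverse
# proxy or servlet container leaks the backend's RFC1918 address.
SAMPLE_HEADERS = {
    "Location": "https://192.168.10.5/zimbra/",
    "Server": "Jetty",
    "X-Backend": "10.0.0.12",
}

# Constructed raw response block, as it would come off the wire.
SAMPLE_RAW_RESPONSE = (
    "HTTP/1.1 302 Found\r\n"
    "Location: http://192.168.10.5/zimbra/\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")


def find_internal_ips(headers):
    """Return (header name, address) pairs whose value contains a private,
    loopback or link-local IPv4 address, i.e. an internal address that
    should never reach an external client."""
    hits = []
    for name, value in headers.items():
        for candidate in IPV4_RE.findall(value):
            try:
                addr = ipaddress.ip_address(candidate)
            except ValueError:
                # e.g. 999.1.1.1 matches the regex but is not an address
                continue
            if addr.is_private or addr.is_loopback or addr.is_link_local:
                hits.append((name, candidate))
    return hits


def parse_raw_headers(raw):
    """Parse a raw HTTP response header block (status line first) into a
    dict of header name -> value; stops at the blank line before the body."""
    headers = {}
    for line in raw.split("\r\n")[1:]:
        if not line:
            break
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return headers


def scan_raw_response(raw):
    """Convenience wrapper: parse a raw response and report internal IPs."""
    return find_internal_ips(parse_raw_headers(raw))


if __name__ == "__main__":
    for name, ip in scan_raw_response(SAMPLE_RAW_RESPONSE):
        print(f"internal IP {ip} disclosed in header {name}")
```

Once the container is configured to emit the public host name in redirects, running the same check against a real response should return an empty list; a non-empty list pinpoints which header still carries the backend address.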
Will the external IP show in Zimbra log?
Sorry to raise an old thread, but I am wondering whether this change will allow the IP address of the client to show in mailbox.log and audit.log of Zimbra behind HTTP proxies?
Originally Posted by bertie_uk
For example, a failed login from IP address 99.98.97.96 which connects to proxy 220.127.116.11 will show up as a log entry like this:
2011-04-13 20:37:39,694 INFO [btpool0-36341] [email@example.com;oip=18.104.22.168;ua=zclient/5.0.11_GA_2695.RHEL5_64;] SoapEngine - handler exception: authentication failed for anaccount, invalid password
As the actual address 99.98.97.96 does not show at all, will the change bertie_uk suggested cause the log entry to show the actual client IP address?
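A quick way to answer the question above for your own deployment is to parse the mailbox.log entries and see whether the oip field holds the proxy's address or the client's. The following is an added example, not code from the thread or from Zimbra: the log lines are constructed in the format quoted above (accounts and addresses are made up), and PROXY_IPS is an assumed set of your proxy's addresses.

```python
import re
from collections import Counter

# Constructed sample lines in the mailbox.log format quoted in the thread
# (account names and IP addresses are made up).
SAMPLE_LOG = """\
2011-04-13 20:37:39,694 INFO [btpool0-36341] [name=alice@example.com;oip=203.0.113.10;ua=zclient/5.0.11_GA_2695.RHEL5_64;] SoapEngine - handler exception: authentication failed for alice@example.com, invalid password
2011-04-13 20:37:41,102 INFO [btpool0-36342] [name=bob@example.com;oip=203.0.113.10;ua=zclient/5.0.11_GA_2695.RHEL5_64;] SoapEngine - handler exception: authentication failed for bob@example.com, invalid password
2011-04-13 20:38:02,517 INFO [btpool0-36350] [name=carol@example.com;oip=198.51.100.7;ua=zclient/5.0.11_GA_2695.RHEL5_64;] SoapEngine - handler exception: authentication failed for carol@example.com, invalid password
"""

# Assumption: the address(es) of the HTTP proxy sitting in front of the mailbox server.
PROXY_IPS = {"203.0.113.10"}

# timestamp, level, [thread], [key=value;...] context, then the failure message
LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+) \S+ \[[^\]]*\] \[(?P<ctx>[^\]]*)\] .*authentication failed"
)


def parse_failed_logins(text):
    """Extract timestamp, account name and originating IP (oip) from each
    failed-authentication line; lines that do not match are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ctx = dict(
            kv.split("=", 1)
            for kv in m.group("ctx").strip(";").split(";")
            if "=" in kv
        )
        events.append({"timestamp": m.group("ts"),
                       "name": ctx.get("name"),
                       "oip": ctx.get("oip")})
    return events


def audit_origin_ips(events, proxy_ips):
    """Count failures per oip and report which oips are the proxy itself.
    Entries attributed to the proxy have lost the real client address, so
    per-client rate limiting or blocking based on this log cannot work."""
    counts = Counter(e["oip"] for e in events)
    masked = {ip: n for ip, n in counts.items() if ip in proxy_ips}
    return counts, masked


if __name__ == "__main__":
    counts, masked = audit_origin_ips(parse_failed_logins(SAMPLE_LOG), PROXY_IPS)
    for ip, n in counts.items():
        tag = " (proxy address, client IP not recorded)" if ip in masked else ""
        print(f"{ip}: {n} failed login(s){tag}")
```

If every oip in the output is one of the proxy's addresses, the log is recording the proxy rather than the client and the originating-IP handling between the proxy and mailbox tier needs to be fixed before the log is useful for tracing failed logins.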