Hacker News new | ask | show | jobs
by nthitz 4977 days ago
Site is down for me, but I thought we agreed last time this was on HN it wasn't really that big of a deal..

Previous discussion: http://news.ycombinator.com/item?id=4661625
5 comments
perezbox 4977 days ago
Thanks for the update withe link.

Yeah, not sure I'd agree with it not being a big deal. Especially with the type of recon you can do on this information as an attacker.

TP

link
testing12341234 4976 days ago
I believe the consensus was that it was not a big deal for www.php.net to have the server status page up. The original link for that news item was http://php.net/server-status. However, not all sites are like php.net which is used mainly for documentation (it would appear). That said, a status page leaking IPs or sessions (PHPSESSIONID) for a private forum, government agency, etc, could be a different story.

Edited: Typo

link
yen223 4976 days ago
Gotta ask, is there any benefit to having the server status open to public?
link
perezbox 4977 days ago
When was it last on HN? Don't remember seeing it.
link
perezbox 4977 days ago
It's back up now.
link