• Johanno@feddit.de
    link
    fedilink
    arrow-up
    5
    ·
    1 year ago

    If your code gives attack surface by information about what went wrong maybe you should not even deploy anything. If your code needs to be secret to be secure your code is anything but secure.

    • MonkderZweite@feddit.ch
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      Not code but internet. A often seen error is letting Appache/Nginx display their name & version in 403/404 pages. First step in planning an attack.