How do I remove sensitive server information from the webpage

Hi there folks,

Is it possible to remove the sensitive server information from the website?
What I’m saying is, when you scroll down to the end of the page you see the Graylog version, server, and Java version.

I want to remove this information, but I’m not finding anything that can help me do this…

If it’s not possible… can I change the information or something?

I want to change the information for basic security purposes (you know, trying to hide something).

Upgraded to version 6.1 to see if there is something different… nothing so far

From what I can see, the only way to remove this is editing some of the JS files inside graylog.jar, removing the footer. Is that right?

Hello @tadeu.alves,

I’m unsure this is possible, you should raise it here as an issue/feature request.

I am trying to understand your use case. Who are you concerned about seeing your footer that would create a security risk that already has access to your Graylog interface?

You could ask why version information is surfaced to anyone but admins, a question of limiting information on the install available via the UI.

Sorry for taking so long to respond.

The “security” department of my organization has some “great” ideas to “obfuscate” some “sensible” data…

And yeah, I’m trying to justify that there’s no problem leaving this information like this because it’s not critical. But yeah, someone above my pay grade wants to remove this information.

Thanks, I’ve captured the request. It’s helpful to understand the use case, so thanks for sharing.

Ty for answering it @SethG.

I was thinking about what @Wine_Merchant suggested: create a feature request so only admins can see this information, and for non-admins the footer shows nothing or only the Graylog version.

But never got to do it, too much stuff to do at my workplace atm.

Today our Graylog is pushing for +120k msg/s with a daily ingest of almost 4TiB (Last 180 days: 674.7TiB), it’s critical for the management (dashboards) and for the devs (debugging). Because of this, our security team wants some “stuff” that right now is not possible because it isn’t implemented or because we don’t have the enterprise license.

I think there is very little usage for the information provided in the footer, besides the Graylog version. I would be surprised if removing the Java and Linux kernel versions from the footer would harm anyone.

This is what the security guy told me:

If a bad actor sees the version of Graylog and it’s affected by a CVE, that’s an issue; the same goes for the kernel version or Java.

So, if you give this information you are facilitating his job.
