Due to your organization's security policies, you may not want to reveal that you are using Cerberus or the version number when a user logs in. In Cerberus you can use the "Mask Server Identification (SSH and HTTP/S)" setting. If this option is checked, the server will use a generic identification string for the welcome message during SSH connections. The server will also omit the server header for HTTP/S connections.
Articles in this section
- How can I configure Cerberus to not disclose Its Identity? Can I remove the reply header?
- What is FIPS 140-2?
- Securely Storing User Passwords
- How to create and integrate a reCAPTCHA
- How can I enable Strict Transport Security (HSTS) ?
- If I update my SSL certificate will my host key change?
- How do I disable the RC4 cipher and MD5 MAC algorithm?
- How do I provide robust support for Perfect Forward Secrecy with modern web browsers and FTPS clients?
- How do I protect Cerberus against the “Logjam” vulnerability?
- How do I protect Cerberus against the “POODLE” vulnerability?