Gixy - Check nginx security


Gixy is a tool to check the problem of security in nginx config. I have made a test on my yunohost server. I found only some issue about some app. I think it could be good to integrate this tools to check the security level for all app. Maybe in package check :slight_smile: What do you think ?

1 Like

Yes, that’s sound like a good idea.
Just we you should try it.

in my case, i had a warning

Problem: [http_splitting] Possible HTTP-Splitting vulnerability.
Description: Using variables that can contain “\n” may lead to http injection.

in nextcloud.conf

I replaced $uri by $request_uri in the redirection and i have no more error… and redirection still works… A PR seem to handle this on nextcloud_ynh git :