All geek questions in one place

Displaying the version of the underlying software in the footer of a web application?

I am thinking of providing a version of say, database schema, and dlls for business logic in the footer of my web application.

Is this recommended?

Are there any pitfalls or pointers on how to do this best?

Usability issues?

I already have a version for both the schema and the dll used in my CI solution.

+4
source share
3 answers

I really like what is being done, for example. here . If you look at the bottom of the page, a snippet of "powered by eve community" text will appear there. If you click on this text, you will receive a small piece of technical information.

For me, this is a good compromise between the available (useful) information (for error reporting, etc.) and having (unpleasant) technical jargon visible to users of the site.

+6
source

Do not do this. This gives free information to a potential attacker and makes their work easier. If there are exploits known for your version of the software, there is no need to tell them about it. There are actually search engines built on top of Google that use this information incontinence for powerful exploits (e.g. cDc Goolag scanner ).

Although this may sound like protection from the unknown (because it is), it’s still advisable to make the work of the attacker as difficult as possible. Non-disclosure of implementation details is an important step. Of course, this can only be part of the effort to create a website advocate.

+9
source

IMO, the only reasons for the appearance of version numbers are:

  • To show the progress being made
  • So that error reports are localized in the version, they are detected in

So, if these things are important to your bug reports, then post them. If not, do not do this.

+1
source

Source: https://habr.com/ru/post/1276417/

More articles:


All Articles