[Pen Test] Reconfigure Ingress manifest according to Pen Test findings

Found some issues which can be fixed with Ingress settings:

  • Cleartext Transmission of Sensitive Information -> set annotation at ingress: nginx.ingress.kubernetes.io/ssl-redirect: "true"
  • Information Disclosure – Leakage of Configurational Details -> set annotation at ingress:
    nginx.ingress.kubernetes.io/server-snippet: |
        location /actuator {
          deny all;
          return 403;
        }
  • Potentially Denial of Service (DoS) -> should also be fixed with the above setting
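
For reference, a full Ingress manifest carrying both annotations from the list above. This is an added example, not the project's own manifest: the resource name, host, TLS secret, backend service and port are hypothetical placeholders. It assumes the ingress-nginx controller, which must also permit snippet annotations (the `allow-snippet-annotations` controller setting) for the `server-snippet` to be applied.

```yaml
# Added example: name, host, secret, service and port are placeholders.
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
  name: example-app
  annotations:
    # Finding: Cleartext Transmission of Sensitive Information.
    # The redirect to HTTPS only takes effect when a TLS section
    # (see spec.tls below) is configured for this Ingress.
    nginx.ingress.kubernetes.io/ssl-redirect: "true"
    # Finding: Information Disclosure / potential DoS via actuator endpoints.
    # "location /actuator" is a prefix match, so /actuator/health,
    # /actuator/env and every other path under it get a 403 as well.
    nginx.ingress.kubernetes.io/server-snippet: |
      location /actuator {
        deny all;
        return 403;
      }
spec:
  ingressClassName: nginx
  tls:
    - hosts:
        - app.example.com
      secretName: example-app-tls
  rules:
    - host: app.example.com
      http:
        paths:
          - path: /
            pathType: Prefix
            backend:
              service:
                name: example-app
                port:
                  number: 8080
```

The snippet only blocks requests that pass through the ingress; in-cluster clients that reach the service directly can still call `/actuator`.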