There is a vulnerability detected by Nessus that involves Internal IP Disclosure in the Elastic Beanstalk servers with Nginx and Phusion Passenger at the response headers, in the Location header.
I already tried setting in the configuration:
server_name_in_redirect on;
Also tried...
return 301 $scheme://www.website.com$request_uri;
in the Nginx configuration but it doesn't seem to work. By setting both configurations in the Passenger and Nginx configuration files.
Any ideas? Thanks.
