0

I host a web application on an Ubuntu 14.04 based VM hosted on Microsoft Azure infrastructure. The webserver is nginx. Recently, someone was trying to probe my server, and later correctly surmised that I was using Microsoft's cloud.

How would they have found this out and how can I mask this information from probers (if at all)?

Note that if I run curl -I http://localhost, it doesn't give away a lot of information since I've turned server tokens off.

Sarah Micj
  • 358
  • 2
  • 9

1 Answers1

1

It most likely doesn't matter what your server tells the client, the IP address used to communicate with your virtual azure server is owned by Microsoft and most likely labeled as being used for their cloud offering. You have no influence on this, but it is not a security risk either.

John Keates
  • 820
  • 4
  • 7
  • You can mask the fact that you are using the MS Cloud by using another upstream provider such as Incapsula/Silverline/Akamai, etc – CtrlDot Apr 23 '17 at 15:12