Today a set of vulnerabilities was disclosed surrounding CGI-like environments. Luckily due to Hypernode’s thoroughly tested continuously integrated deployment environment we were able to roll out a mitigation strategy on all Hypernodes quickly and safely soon after the news broke.
- block the HTTP_PROXY header from being passed on to PHP-FPM
The Nginx configuration now contains
fastcgi_param HTTP_PROXY "";