I’ve been using Kong for the last couple of years without issues.
Currently running version 2.4.1 in db-less mode with Docker.
I’d like to remove the Kong headers to give less information to possible attackers but when following the documentation and disable them by setting the environment variable
This works however I see now in my Grafana Kong dashboard that the latency of the responses has increased around 100ms.
Is this the expected behavior? I didn’t think removing the headers could be so expensive…
On the other side, I’d also like to disable the
Server header in Kong but I see that in
nginx-kong.conf its enabled
with proxy_pass_header Server; Can this be achieved without issuing the Response Transformer plugin?