From 2437f989cb036329e091f97f7f4f6320119c9240 Mon Sep 17 00:00:00 2001
From: James Elliott <james-d-elliott@users.noreply.github.com>
Date: Thu, 30 Apr 2020 13:16:41 +1000
Subject: [PATCH] [SECURITY] Disable HTTP server header (#946)

* [SECURITY] Disable HTTP Server Header

* alphabetize fasthttp.Server property assignment
---
 internal/server/server.go | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/internal/server/server.go b/internal/server/server.go
index fee0fdda..1b32e0a9 100644
--- a/internal/server/server.go
+++ b/internal/server/server.go
@@ -115,10 +115,11 @@ func StartServer(configuration schema.Configuration, providers middlewares.Provi
 	router.NotFound = ServeIndex(embeddedAssets)
 
 	server := &fasthttp.Server{
-		Handler:         middlewares.LogRequestMiddleware(router.Handler),
-		ErrorHandler:    autheliaErrorHandler,
-		ReadBufferSize:  configuration.Server.ReadBufferSize,
-		WriteBufferSize: configuration.Server.WriteBufferSize,
+		ErrorHandler:          autheliaErrorHandler,
+		Handler:               middlewares.LogRequestMiddleware(router.Handler),
+		NoDefaultServerHeader: true,
+		ReadBufferSize:        configuration.Server.ReadBufferSize,
+		WriteBufferSize:       configuration.Server.WriteBufferSize,
 	}
 
 	addrPattern := fmt.Sprintf("%s:%d", configuration.Host, configuration.Port)