A newly discovered security threat exploits a configuration that allows remote users to specify the server for a request in the HTTP Host header, and thus access potentially sensitive information. In this post we explain how to prevent this "cloud metadata" attack.

Use NGINX/NGINX Plus to prevent the HTTPoxy vulnerability, which attacks CGI and FastCGI-like application interfaces, from being exploited on your servers.