Nginx HTTP API Module provide a REST API for accessing various status information, configuring upstream server groups on-the-fly, and managing key-value pairs without the need of reconfiguring nginx. If these endpoints are accessible to an attacker, he can modify the configuration in place and, in particular, redirect all traffic to a third-party…Read More