Hej guys
did a penetration test of my instance. It told there is a risk due to unsecure cookie which could be hijacked by XSS attack. I would like to pretend this risk by adding a line of code into nginx config. But I cannot find it as I use the docker installation.
Is someone out there who can give me a hint where to find the nginx config? In /etc/nginx/site-available is no discourse config used by nginx.
Any hint appreciated.
Kind regards
//neph