Hide your Grafana version for unauthenticated users
Security through obscurity is discouraged by most people, but it should also never be ignored in my opinion. As a first step for Grafana, we can hide our version for anonymous users at the login screen.
Just add the following line to the
[auth.anonymous] section in your
# hide the grafana version for anonymous users hide_version = true
When done, it should look similar to this:
[auth.anonymous] # enable anonymous access enabled = true # specify organization name that should be used for unauthenticated users org_name = Main Org. # specify role for unauthenticated users org_role = Viewer # hide the grafana version for anonymous users hide_version = true
Save the file and restart your Grafana server.
sudo service grafana-server restart