id: nginx-vhost-traffic-status

info:
  name: Nginx Vhost Traffic Status
  author: geeknik
  severity: low
  description: Nginx Vhost Traffic status is exposed.
  reference:
    - https://github.com/vozlt/nginx-module-vts
  metadata:
    max-request: 1
  tags: status,nginx,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/status"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "Nginx Vhost Traffic Status"
          - "Host"
          - "Zone"
        condition: and

      - type: status
        status:
          - 200
# digest: 490a00463044022037b28ff0423792683b3749695af80f2b5dc1a85e59932842c19c00c11c915c950220338d7eef032c34a2fd39f0724102b22c92bebce49813f1bb15194dffce9f85f0:922c64590222798bb761d5b6d8e72950