Disable insecure spring boot actuator endpoints by default.

Spring Boot Actuator only exposes the /actuator/health /actuator/info endpoint by default
coolbeevip · Mar 14, 2024 · 3220db4 · 3220db4
1 parent 10bd2b4
commit 3220db4
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/alpha/alpha-server/src/main/resources/application.yaml b/alpha/alpha-server/src/main/resources/application.yaml
@@ -140,7 +140,7 @@ management:
   endpoints:
     web:
       exposure:
-        include: "*"
+        include: "health,info"
   health:
     redis:
       enabled: false