DEV Community

sium_hossain
sium_hossain

Posted on

How to change(Hide) the Nginx Server Signature?

nginx
Exact version number in response header in our server makes vulnerable because known version may have well known vulnerable to attacker. That's the reason we have to hide this signature. Here is the way how we can do that -

I assume that you have already install nginx. And you know certain thing about nginx. We have to install a package which is nginx-extras by -

sudo apt install nginx-extras
Enter fullscreen mode Exit fullscreen mode

And then in nginx conf file we have to add two lines in http section

http{
##########
}
Enter fullscreen mode Exit fullscreen mode
sudo nano /etc/nginx/nginx.conf 
Enter fullscreen mode Exit fullscreen mode
http{

########
        server_tokens off;
        more_set_headers 'Server: None of your business';
}
Enter fullscreen mode Exit fullscreen mode

Then we have to save this file via Ctrl+x and Enter
Then we can check is there any error in our config file by

sudo nginx -t
Enter fullscreen mode Exit fullscreen mode

nginx

If syntax is OK. Then we can restart nginx by -

sudo service nginx restart
Enter fullscreen mode Exit fullscreen mode

nginx response header

Voila!

Top comments (0)