DEV Community

sium_hossain
sium_hossain

Posted on

1

How to change(Hide) the Nginx Server Signature?

nginx
Exact version number in response header in our server makes vulnerable because known version may have well known vulnerable to attacker. That's the reason we have to hide this signature. Here is the way how we can do that -

I assume that you have already install nginx. And you know certain thing about nginx. We have to install a package which is nginx-extras by -



sudo apt install nginx-extras


Enter fullscreen mode Exit fullscreen mode

And then in nginx conf file we have to add two lines in http section



http{
##########
}


Enter fullscreen mode Exit fullscreen mode


sudo nano /etc/nginx/nginx.conf 


Enter fullscreen mode Exit fullscreen mode


http{

########
        server_tokens off;
        more_set_headers 'Server: None of your business';
}


Enter fullscreen mode Exit fullscreen mode

Then we have to save this file via Ctrl+x and Enter
Then we can check is there any error in our config file by



sudo nginx -t


Enter fullscreen mode Exit fullscreen mode

nginx

If syntax is OK. Then we can restart nginx by -



sudo service nginx restart


Enter fullscreen mode Exit fullscreen mode

nginx response header

Voila!

Top comments (0)

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more