DEV Community

SyedAsadRazaDevops

How to Secure Nginx Web Server From Hackers | Tip

  • How to Hide Nginx Server Version in Linux?
  • Disable server_tokens directive in NGINX?
  • Is it possible to change server_tokens?

In this short article, we will show you how to hide the Nginx server version on error pages and in the “Server” HTTP response header field in Linux. This is one of the key recommended practices in securing your Nginx HTTP and proxy server.

The “server_tokens” directive is responsible for displaying the Nginx version number and operating system on error pages and in the “Server” HTTP response header field, as shown in the following screenshot.

Description:

The server_tokens directive is responsible for displaying the NGINX version number and operating system version on error pages and in the Server HTTP response header field. This information should not be displayed.

Rationale:

Attackers can conduct reconnaissance on a website using these response headers, then target attacks for specific known vulnerabilities associated with the underlying technologies. Hiding the version will slow down and deter some potential attackers.

Audit:

In the NGINX configuration file nginx.conf, verify that the server_tokens directive is set to off. To do this, check the response headers for the Server header by issuing this command:

curl -I 127.0.0.1 | grep -i server

Add the following line to the http context as shown in the screenshot below.

server_tokens off;

Note: This will only hide the server version number, but not the server signature (name).
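
An added example (not from the original article): server_tokens is also valid in server and location contexts, so a nested block can switch it back on after the http-level off. This sketch lists every server_tokens directive in a configuration text together with its enclosing context and flags any that is not off. The function names and SAMPLE_CONF are constructed for illustration, and include directives are not followed.

```python
import re

TOKEN = re.compile(
    r'"(?:\\.|[^"\\])*"'            # double-quoted string
    r"|'(?:\\.|[^'\\])*'"           # single-quoted string
    r"|#[^\n]*"                     # comment to end of line
    r"|[{};]"                       # block open, block close, statement end
    r"|(?:\$\{[^}]*\}|[^\s{};])+"   # bare word, allowing ${var}
)

def find_server_tokens(conf_text):
    """Return [(context, value)] for every server_tokens directive."""
    stack, words, found = [], [], []
    tokens = [t for t in TOKEN.findall(conf_text) if not t.startswith("#")]
    for tok in tokens:
        if tok not in ("{", "}", ";"):
            words.append(tok)
            continue
        if tok == "{":                      # the words so far name the block
            stack.append(" ".join(words))
        elif tok == "}":
            stack = stack[:-1]
        elif len(words) > 1 and words[0] == "server_tokens":
            found.append((" > ".join(stack) or "main", words[1].strip("\"'")))
        words = []
    return found

def audit(conf_text):
    """Return findings; an empty list means nothing overrides 'off'."""
    hits = find_server_tokens(conf_text)
    findings = []
    if not any(ctx == "http" for ctx, _ in hits):
        findings.append("http: no server_tokens directive, nginx default (on) applies")
    findings += [f"{c}: server_tokens {v}; is not off" for c, v in hits if v != "off"]
    return findings

# Constructed sample configuration (not from the article).
SAMPLE_CONF = '''
http {
    server_tokens off;            # the line this article adds
    server {
        # server_tokens on;       (commented out, ignored)
        location /legacy/ { server_tokens on; }
    }
}
'''

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONF)))
```

A finding for a nested context means responses served from that block still carry the version, even though the curl check against another path looks clean.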

Thank you! DONE

Top comments (1)

Daniel Pepuho

Thanks a lot
