Facebook Twitter Instagram
    TecAdmin
    • Home
    • Ubuntu 20.04
      • Upgrade Ubuntu
      • Install Java
      • Install Node.js
      • Install Docker
      • Install LAMP Stack
    • Tutorials
      • AWS
      • Shell Scripting
      • Docker
      • Git
      • MongoDB
    • FeedBack
    • Submit Article
    • About Us
    Facebook Twitter Instagram
    TecAdmin
    Home»Security»How to Hide Nginx Version from HTTP Header

    How to Hide Nginx Version from HTTP Header

    RahulBy RahulOctober 26, 20162 Mins ReadUpdated:January 29, 2017

    When you configure your production and development infrastructure. The primary concern should be security. You may face serious consequences in the future. You must apply to security in many directions. In that, If you are running your application with NGINX web server, you should apply this security tip on your server.

    Check Unsecure HTTP Header

    Check the http header of your server, You will see the version of NGINX server running. Hackers can use this information for hacking.

    $ curl -I http://example.com
    
    You can see that your server is running with NGINX 1.10.0 server.
    
    HTTP/1.1 200 OK
    Server: nginx/1.10.0 (Ubuntu)
    Date: Wed, 26 Oct 2016 11:48:36 GMT
    Content-Type: text/html
    Content-Length: 11321
    Last-Modified: Thu, 20 Oct 2016 05:30:08 GMT
    Connection: keep-alive
    ETag: "58649f60-2c39"
    Accept-Ranges: bytes
    

    Hide Apache2 Version

    Edit your NGIX configuration file and set the server_tokens variable value to off, either in the http, server or location sections as following.

     server_tokens off;
    

    Check Unsecure HTTP Header

    After makeing above changes, re-check the http header values using following command.

    $ curl -I http://example.com
    
    Now you can see that header is only showing that Apache is runnign, but no version or OS details available there.
    
    HTTP/1.1 200 OK
    Server: nginx
    Date: Wed, 26 Oct 2016 11:48:36 GMT
    Content-Type: text/html
    Content-Length: 11321
    Last-Modified: Thu, 20 Oct 2016 05:30:08 GMT
    Connection: keep-alive
    ETag: "58649f60-2c39"
    Accept-Ranges: bytes
    
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email WhatsApp
    Previous ArticleHow to Hide Apache Version from HTTP Header
    Next Article How to Install SVN Server on Ubuntu 18.04 & 16.04 LTS

    Related Posts

    How to Install and Configure Fail2ban on Debian 11

    3 Mins Read

    How To Secure SSH Server

    Updated:July 24, 20215 Mins Read

    How to Secure GitLab Server with Let’s Encrypt SSL

    2 Mins Read

    X-XSS-Protection – Secure Apache from Cross-Site Scripting

    Updated:August 31, 20202 Mins Read

    How to Open Specific Port in FirewallD

    Updated:February 12, 20212 Mins Read

    How to Setup Let’s Encrypt SSL with Apache on CentOS 8

    Updated:March 14, 20203 Mins Read

    Leave A Reply Cancel Reply

    Recent Posts
    • How to Enable / disable Firewall in Windows
    • How to Install JAVA on Ubuntu 22.04
    • Switching Display Manager in Ubuntu – GDM, LightDM & SDDM
    • Changing the Login Screen Background in Ubuntu 22.04 & 20.04
    • How To Install PHP (8.1, 7.4 or 5.6) on Ubuntu 22.04
    Facebook Twitter Instagram Pinterest
    © 2022 Tecadmin.net. All Rights Reserved | Terms  | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.