How to hide Nginx version

On a default installation of the Nginx web server, the error pages show the version of Nginx software running on your server. Displaying software version is not good for security and visitors don’t need to know what version of Nginx web server you are using. For hackers, if they know the version, they can see if that particular version of the Nginx web server is vulnerable to any exploit and hack the server if there is an exploit available.

Nginx hide version

To hide the Nginx version, edit

vi /etc/nginx/nginx.conf

Under “http” section, add

server_tokens off;

edit nginx.conf

Restart Nginx

systemctl restart nginx

After restart, the error page won’t show the Nginx version.

hide nginx version

Before

boby@sok-01:~$ curl -I http://serverok.test/
HTTP/1.1 404 Not Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 14 Nov 2021 06:11:24 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive

boby@sok-01:~$

After

boby@sok-01:~$ curl -I http://serverok.test/
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 14 Nov 2021 06:20:54 GMT
Content-Type: text/html
Content-Length: 146
Connection: keep-alive

boby@sok-01:~$

See Nginx

Need help with Linux Server or WordPress? We can help!

Leave a Reply

Your email address will not be published. Required fields are marked *