How to hide a text read or modify information nginx

Language 2019-07-21 17:01:43 views: null

Nginx version of Http information
see http request response header inside we will find a server that argument, it indicates that the service is what the end use of the web server.

E.g

Sina:

Server: nginx
Open Source China:

Server: Tengine
segmentfault did not even return server!

Many sites not only returned but also with nginx version number, and the version number of this kind of thing as completely unnecessary exposure to the user, we can hide the version number by setting server_tokens off:

{HTTP
the include the mime.types;
default_type file application / OCTET-Stream;
#log_format main 'REMOTE_ADDR $ - $ REMOTE_USER [$ time_local] "$ Request"' # '$ $ body_bytes_sent Status "$ HTTP_REFERER"' # ' "$ HTTP_USER_AGENT" " HTTP_X_FORWARDED_FOR $ " ';
server_tokens OFF; ## hide the version number
Nginx PHP version information in
even the server_tokens set up off, it does not mean nginx version number is completely invisible -
How to hide a text read or modify information nginx

By the graph we can see that although the return http header which has no version number, but there can still get to the php version of nginx, if you want to hide the version number of PHP also need to modify this file fastcgi.conf :

Remove / $ nginx_version directly behind or comment out this line!

fastcgi_param SERVER_SOFTWARE nginx / $ nginx_version;
modify or hide information Nginx
if I want nginx does not show it? Or modify nginx as Tengine it?

This time is necessary to modify nginx source file src / core / nginx.h, for example, I asked modify nginx tengine:

/*

  • Copyright (C) Igor Sysoev
  • Copyright (C) Nginx, Inc.
    / # IFNDEF _NGINX_H Notification and fees INCLUDED #define _NGINX_H Notification and fees INCLUDED #define nginx_version 1009005 / #define NGINX_VERSION "1.9.5" #define NGINX_VER "nginx /" NGINX_VERSION / # the DEFINE NGINX_VERSION "2.1.1" #define NGINX_VER "Tengine /" NGINX_VERSION # # ifdef NGX_BUILD the DEFINE NGINX_VER_BUILD NGINX_VER "(" NGX_BUILD ")" the else # # # endif # NGINX_VER the DEFINE NGINX_VER_BUILD the DEFINE NGINX_VAR "NGINX" #define NGX_OLDPID_EXT ".oldbin" #endif / _NGINX_H Notification and fees INCLUDED * /
    can also put NGINX_VER assignment is empty, so Http return header inside the server also is empty!

Note that, if server_tokens set to off, even if the source NGINX_VER assignment is empty or changed to another value, or return the server nginx, just do not show the version number!
How to hide a text read or modify information nginx

Guess you like

Origin blog.51cto.com/14416052/2422155
Recommended
Ranking
Solve the problem that the Chinese display of the drawing using python matplotlib under the Linux system is displayed as a box
[Conference Call for Papers] The 5th International Conference on Civil Engineering, Environmental Resources and Energy Materials (CCESEM 2023)
4-yl Fast Fourier Transform
DataGirdView interlaced display color
[Docker implements test deployment CI/CD----Dingding alarm after the build is successful (7)]
[Asp.net core series] 6 the complete structure of a project in actual combat
The new version of OpenCenterV3 management background
Why can box plots detect outliers and what is the principle?
[Switch] jumbo frame Introduction
C++对象移动(3)——移动构造函数
Daily
More
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)

Code World

© 2018 codetd.com