How to Redirect AMP Page to Non-AMP in Nginx, Apache, Cloudflare?
Abhishek Nair on September 27, 2021
Remove Version from Server Header Banner in nginx
By
Chandan Kumar
in
Nginx
on September 6, 2022
Geekflare is supported by our audience. We may earn affiliate commissions from buying links on this site.
Invicti Web Application Security Scanner - the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.
Mask Nginx version details from the HTTP Response Header.
In default NGINX configuration, the Server header banner is ON which exposes what version of Nginx you are using.
This is considered as information leakage vulnerability.
If you are working on auditing or fixing a security issue, then you will be asked to get rid of a version as part of hardening & security.
Implementation
- Go to nginx/conf folder
- Take a backup of a configuration file
- Add the following in
nginx.confunder server section
server_tokens off;- Restart Nginx webserver
Verification
You can use an online tool Header Checker or developer tools inbuilt in the browser to examine the header.
As you can see, no more version is shown.
I hope this helps and if you are looking to learn Nginx then check out this course by Ray Viljoen.
More great readings on Nginx
-
-
How to Block .git in Apache, Nginx and Cloudflare?Chandan Kumar on October 27, 2020
-
How to Protect Page with Password in Apache, Nginx, WordPress, Hosting?Chandan Kumar on September 11, 2020
-
How to Implement ZeroSSL Certificate in Apache and Nginx?Asad Ali on May 24, 2020
-
Configuring Nginx for Performance and SecurityMichael Aboagye on February 24, 2020
-
How to Enable CORS in Apache and Nginx?Chandan Kumar on October 18, 2019
The more you learn, the better you become.
Every week we share trending articles and tools in our newsletter. More than 10,000 people enjoy reading, and you will love it too.
