Remove Version from Server Header Banner in nginx

Netsparker Web Application Security Scanner - the only solution that delivers automatic verification of vulnerabilities with Proof-Based Scanning™.

By Chandan Kumar on July 12, 2020

Posted in

Mask Nginx version details from the HTTP Response Header.

In default NGINX configuration, the Server header banner is ON which exposes what version of Nginx you are using.

This is considered as information leakage vulnerability.

If you are working on auditing or fixing a security issue, then you will be asked to get rid of a version as part of hardening & security.

Implementation

Go to nginx/conf folder
Take a backup of a configuration file
Add the following in nginx.conf under server section

server_tokens off;

Restart Nginx webserver

Verification

You can use an online tool Header Checker or developer tools inbuilt in the browser to examine the header.

As you can see, no more version is shown.

I hope this helps and if you are looking to learn Nginx then check out this course by Ray Viljoen.

Power Your Business

Netsparker

Netsparker uses the Proof-Based Scanning™ to automatically verify the identified vulnerabilities with proof of exploit, thus making it possible to scan thousands of web applications and generate actionable results within just hours.

Try Netsparker

Serverspace

Serverspace is the international cloud provider, offering automated virtual infrastructure deployment. Linux or Windows-based services are available from any location on the globe in less than 1 minute.

Try Serverspace

Sucuri

A global CDN and cloud-based web application firewall for your website to supercharge the performance and secure from online threats. SUCURI WAF protects from OWASP top 10 vulnerabilities, brute force, DDoS, malware, and more.

Try Sucuri

Remove Version from Server Header Banner in nginx

Implementation

Verification

Thanks to our sponsors.

Power Your Business

Choosing the right product and service is essential to run an online business. Here are some of the tools and services to help your business grow.

Netsparker

Serverspace

Sucuri

Remove Version from Server Header Banner in nginx

Implementation

Verification

Thanks to our sponsors.

More Great Reading on Geekflare

How to Block .git in Apache, Nginx and Cloudflare?

How to Protect Page with Password in Apache, Nginx, WordPress, Hosting?

How to Implement ZeroSSL Certificate in Apache and Nginx?

Configuring Nginx for Performance and Security

How to Enable CORS in Apache and Nginx?

How to Implement CSP frame-ancestors in Apache, Nginx and WordPress?

Power Your Business

Choosing the right product and service is essential to run an online business. Here are some of the tools and services to help your business grow.

Netsparker

Serverspace

Sucuri