Image

Knowledge base → Disabling version display in nginx service

[Virtual servers]
Date of publication: 29.08.2024

To increase the security of the nginx service, we recommend disabling the display of the version in the welcome headers when connecting.

This is done by adding a parameter to the main service configuration file:

/etc/nginx/nginx.conf

Before starting the configuration, connect to the port on which the service is running using telnet domain.tld 80.

Server: nginx/1.18.0
Date: Thu, 22 Aug 2024 18:41:07 GMT
Content-Type: text/html
Content-Length: 157
Connection: close

Now let's make changes to the configuration file by adding a parameter to the http section:

server_tokens off;

The configuration file will look something like this:

http {
        # Basic Settings
        charset utf-8;
        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        log_not_found off;
        keepalive_timeout 65;
        types_hash_max_size 2048;
        client_max_body_size 16M;
        include /etc/nginx/mime.types;
        default_type application/octet-stream;
        # Hide Nginx version
        server_tokens   off;

Save the changes and restart the service:

service nginx restart

Check the service response again:

Server: nginx
Date: Thu, 22 Aug 2024 18:43:24 GMT
Content-Type: text/html
Content-Length: 150
Connection: close

Now the service version is not displayed in the greeting headers.





No Comments Yet