Tutorial

How to hide NGINX server version from header response.

When you install the NGINX server on your website, by default it responds with its version details when we check its header response.

Hide NGINX server version header
Hide NGINX server version header

You can consider it as a security issue, hackers can use this information to hack your application or website.

Hide NGINX server version from header response.

We’ll guide you on how you can hide the NGINX server version from the header response of your website. You’re using a normal nginx server and also using a bitnami nginx application.

nginx-with-server-version
nginx with server version

Hide NGINX server

You have to make some changes in the configuration of nginx server so that it hide the server information. You’ve to open the SSH terminal of your website and execute the following command.

Open nginx server configuration file.

To open configuation you’ve to execute the following command.

sudo -i
sudo /etc/nginx/nginx.conf

Now hide the server version.

For this, you’ve to locate the http block of your nginx server configuration and add server_tokens off; into the block, as displayed below.

http {
    ...

    server_tokens off;
    ...
}

Now save the changes by pressing ctrl+X, then Y and then press enter.

Now you’ve to check status of nginx settings, exectute the command.

sudo nginx -t

It will respond as system configuration is ok, you can restart the nginx now. You can do it by executing the following command.

sudo service nginx reload #debian/ubuntu
systemctl restart nginx #redhat/centos

After restarting the system you can check system response by executing.

 curl -I https://example.com/

Using the above method you can remove nginx server version from the header of website it(the server) handle. So that you keep your self hosted project safe and sound.

Hide NGINX server version from Bitnami

Bitnami use customised nginx server, that try to make a user easy to understand its files and locations. And also provide a very secure phpmyadmin page for its users, so that website can be safe.

You can hide nginx server version by editing nginx.conf file of wordpress bitnami nginx. You’ve just to locate the file and add the code in same way as we did above.

Access nginx.conf file of the stack

NGINX server version located in /opt/bitnami/nginx/conf/nginx.conf. To edit this you’ve to access the server with full permission.

sudo -i
nano /opt/bitnami/nginx/conf/nginx.conf

Edit nginx.conf file to hide server version in bitnami stack

Here you’ve to add the following lines to hide the server version of your application.

http {
    ...


    server_tokens off;
    ...
}

Now save the configuration by using ctrl+X, then Y and then press enter. Your new settings will be save. You can test setting files by executing the following command.

nginx -t

Now if your system respond with ok status then you can reload the new configuration in the system or just restart it

nginx -s reload
sudo /opt/bitnami/ctlscript.sh restart nginx

After restarting the system you can check header response.

nginx without server version
nginx header response with server version.

So using the command line you can hide server version information from the header reponse.

I hope you liked this article, in case of any doubt feel free to contact us or comment in the comment section provided below.

Ashok Kumar

Love Coding, Love Blogging what else to explain :).

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Back to top button