By default, an nginx server does not hide its server type and version information.
curl -I http://www.aaa.com
Retrieving the web server's type and version:
HTTP/1.1 200 OK
Server: nginx nginx/0.8.53
Date: Tue, 14 Dec 2010 08:10:06 GMT
Content-Type: text/html
Content-Length: 151
Last-Modified: Mon, 13 Dec 2010 09:39:55 GMT
Connection: keep-alive
Accept-Ranges: bytes
This is a hidden risk for server security. The following steps improve the situation.
1. Edit the source file ../src/http/ngx_http_header_filter_module.c
Code before the change:
static char ngx_http_server_string[] = "Server: nginx" CRLF;
static char ngx_http_server_full_string[] = "Server: " NGINX_VER CRLF;
Change it to the following.
Code after the change:
static char ngx_http_server_string[] = "Server: test 1.0 " CRLF;
static char ngx_http_server_full_string[] = "Server: test 1.0 " NGINX_VER CRLF;
Then compile and install.
2. Edit /usr/local/nginx/conf/nginx.conf and add
server_tokens off;
Restart nginx:
/usr/local/nginx/sbin/nginx -s reload
The final result is as follows:
curl -I http://www.aaa.com
Server information after the change:
HTTP/1.1 200 OK
Server: test 1.0
Date: Tue, 14 Dec 2010 08:24:32 GMT
Content-Type: text/html
Content-Length: 151
Last-Modified: Mon, 13 Dec 2010 09:39:55 GMT
Connection: keep-alive
Accept-Ranges: bytes
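To confirm the change took effect, the Server header of a response can be checked automatically. The script below is an added example, not part of the original article; the function names server_header, classify_server and check_response are assumptions made for illustration, and the sample header blocks are taken from the two responses shown above.

```shell
# server_header: print the value of the first Server header read on stdin.
# Header names are case-insensitive; the CR from the wire is stripped.
server_header() {
    tr -d '\r' | awk '
        tolower($0) ~ /^server:/ {
            sub(/^[^:]*:[ \t]*/, "")
            sub(/[ \t]+$/, "")
            print
            exit
        }'
}

# classify_server VALUE: print one verdict for a Server header value:
#   version - names nginx with a version number (e.g. nginx/0.8.53)
#   product - names nginx without a version
#   absent  - empty value, no Server header found
#   custom  - any other string (e.g. the rebuilt "test 1.0" banner)
classify_server() {
    if [ -z "$1" ]; then
        echo absent
    elif printf '%s\n' "$1" | grep -Eiq 'nginx/[0-9]+(\.[0-9]+)*'; then
        echo version
    elif printf '%s\n' "$1" | grep -iq 'nginx'; then
        echo product
    else
        echo custom
    fi
}

# check_response: read a header block on stdin and print the verdict.
check_response() {
    classify_server "$(server_header)"
}

# Header blocks taken from the two responses shown on the page.
BEFORE='HTTP/1.1 200 OK
Server: nginx nginx/0.8.53
Content-Type: text/html'
AFTER='HTTP/1.1 200 OK
Server: test 1.0
Content-Type: text/html'

printf '%s\n' "$BEFORE" | check_response   # version
printf '%s\n' "$AFTER" | check_response    # custom
```

Against a live server, pipe the response in: curl -sI http://www.aaa.com | check_response. A verdict of version after the rebuild means server_tokens off is not in effect, because the edited full string still appends NGINX_VER.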