NGINX provides, by default, server signatures in response headers. This contains the server name and version, along with other information. Unfortunately, the NGINX server string info can then be used for malicious attacks.
To protect yourself follow our guide to hide Hide Nginx Server Header. Keep in mind, you can also use the same steps below to conceal NGINX server information such as server signatures and server names. Read on to learn more.
Simple Steps to Conceal Your NGINX Server Version from Header
Step 1. Open Up Your NGINX Configuration File
Start by opening a terminal and run this command to open up your NGINX configuration file in a text editor.
sudo /etc/nginx/nginx.conf
Step 2. Conceal Your NGINX Server Version & Name
Use the server tokens header to hide this information. Use the following line of HTTP block to start this process.
http{ .... server_tokens off; .... }
Step 3. Now Simply Restart NGINX
The last step is to run this command to verify the syntax and update your configuration file.
sudo nginx -t
If you receive no error messages, then run this command to refresh/restart your NGINX server.
sudo service nginx reload #debian/ubuntu systemctl restart nginx #redhat/centos
And that’s all!
We hope this little guide gave you enough info to safely hide your server name, version, signature, and header for your website.