How to Hide Nginx Version

Sometimes due to lack of time it is difficult to update the software and you end up with running old vulnerable version. In this cases, it comes to handy to know how to hide nginx version or turn off server signature in nginx from all the public. Hiding nginx version is too easy which can be done by using server_tokens directive.

Also readWhat is Nginx : How Nginx Works

To hide nginx version we need to edit nginx.conf file ( located at /etc/nginx/nginx.conf or /usr/local/nginx/conf/nginx.conf ). You can use editor like nano to modify the file. The server_tokens variable can be used either in the http, server or location sections. Just set it to off, as shown below:

Just add below directive to inside anywhere in http { … }.

server_tokens off;

See below image for reference.

nginx.conf

Once you added the code simply save it and restart nginx to make directive active.

service nginx restart

To check results, you can fetch the headers live from any console using curl command.

curl -I http://www.YourWebsite.com

Now you can see that no nginx version appearing and what you can see is just “nginx”.

Also readHow to Improve Nginx Performance : Quick Tips

This way you can hide nginx version or server signature.

Share This

Author: AtulHost

Hi, I'm Atul Kumar Pandey, a full time blogger by passion and profession. Since I started working on the web industries many years ago, with my all expertise I blog on atulhost.com, where my main objective is to build and market quality contents and reviews.