How to Hide Nginx Version?

Sometimes due to lack of time it is difficult to update the software and you end up with running old vulnerable version. In this cases, it comes to handy to know how to hide nginx version or turn off server signature in nginx from all the public. Hiding nginx version is too easy which can be done by using server_tokens directive.

Also readWhat is Nginx : How Nginx Works

To hide nginx version we need to edit nginx.conf file ( located at /etc/nginx/nginx.conf or /usr/local/nginx/conf/nginx.conf ). You can use editor like nano to modify the file. The server_tokens variable can be used either in the http, server or location sections. Just set it to off, as shown below:

Just add below directive to inside anywhere in http { … }.

server_tokens off;

See below image for reference.


Once you added the code simply save it and restart nginx to make directive active.

service nginx restart

To check results, you can fetch the headers live from any console using curl command.

curl -I

Now you can see that no nginx version appearing and what you can see is just “nginx”.

Also readHow to Improve Nginx Performance : Quick Tips

This way you can hide nginx version or server signature.

Published by Atul Kumar Pandey

Hi, I'm creator of atulhost, comes from business management and tech background. I love to do research on modern business insights and latest technological solutions.

Leave a reply

Required fields are asterisked and email address will not be shared.