Nginx
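1 Preface
One problem, one article, one story.
A recent external security scan found that one of our sites advertises its Nginx version number, so we need to change a parameter to hide the version.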
Server information header exposed
www.cmdschool.org:80
Exposing information about the server version increases the ability of attackers to exploit certain vulnerabilities. The website configuration should be changed to prevent version information being revealed in the 'server' header.
Expected Headers > server: [does not contain version number]
Actual nginx/1.26.0
First detected Jun 3, 2024
2 Best practice
2.1 Edit the Nginx configuration
vim /etc/nginx/nginx.conf
Modify the following parameter:
http {
    #...
    server_tokens off;
    #...
}
2.2 Reload the service to apply the configuration
systemctl reload nginx
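To confirm the scanner finding is closed after the reload, the check below (an added example, not part of the original post) extracts the Server header from a response and fails if it still carries a version token. With server_tokens off, nginx still sends "Server: nginx", which meets the scanner's "does not contain version number" expectation. The sample responses are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: verify that the Server header no longer carries a version
# number after "server_tokens off;" is applied and nginx is reloaded.

# Constructed sample responses: before and after the change.
BEFORE='HTTP/1.1 200 OK
Server: nginx/1.26.0
Content-Type: text/html'
AFTER='HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html'

# Print the Server header value from raw response headers read on stdin.
# Header names are case-insensitive; CRs from the wire are stripped first.
server_header() {
    tr -d '\r' | awk 'tolower($0) ~ /^server:/ { sub(/^[^:]*:[ \t]*/, ""); print; exit }'
}

# Exit 0 if the Server value contains a version-like token (e.g. "/1.26.0").
# Only the Server line is inspected, so "HTTP/1.1" in the status line is ignored.
leaks_version() {
    value=$(server_header)
    printf '%s\n' "$value" | grep -Eq '/[0-9]+(\.[0-9]+)+'
}

# Live check: fetch headers with a HEAD request.
# Returns 0 = clean, 1 = version exposed, 2 = could not fetch.
check_url() {
    headers=$(curl -sI --max-time 10 "$1") || { echo "ERROR: cannot reach $1"; return 2; }
    if printf '%s\n' "$headers" | leaks_version; then
        echo "FAIL: $1 exposes a version in the Server header"
        return 1
    fi
    echo "OK: $1 Server header carries no version"
}

# Offline demonstration on the constructed samples ($1 = label, $2 = headers).
report() {
    if printf '%s\n' "$2" | leaks_version; then
        echo "$1: version exposed ($(printf '%s\n' "$2" | server_header))"
    else
        echo "$1: no version in Server header"
    fi
}
report "before" "$BEFORE"
report "after" "$AFTER"
```

For a live check against your own site, call check_url with its URL, for example check_url http://www.cmdschool.org/ for the host named in the scan report.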