How to hide the server version?

Janzert janzert at
Sat Jul 5 07:52:05 MSD 2008

Marcos Neves wrote:
> I agree. There´s no such thing as 100% secure, so hide Server signature
> I really think make thinks more hard. Perhaps enougth to make somebody 
> giveup.
> But I´m sure that it´s just one thing to do of a hole list, like 
> firewall tunning, etc ...
> On Fri, Jul 4, 2008 at 6:33 PM, Thomas 
> <iamkenzo at 
> <mailto:iamkenzo at>> wrote:
>     I think that if an attacker doesn't immediately see the version
>     number, he will move on to the next website that will have version
>     number and is easier to attack. Phpbb removed the version number from
>     the footer, and there is a reason for that.
>     But how to edit Nginx' 404 page to not display "Nginx"?

I see attack urls against various pieces of software I've never had 
installed on my system in the logs fairly frequently.

Most modern attackers aren't going to try and determine your software 
version they're just going to try various attacks hoping to find one 
that works.


More information about the nginx mailing list