How to hide the server version?

stan stanislasmazurek at
Mon Jul 7 17:13:43 MSD 2008

You might find some answers in the following guide, courtesy of
Calomel :


On Sat, Jul 5, 2008 at 12:52 PM, Janzert <janzert at> wrote:
> Marcos Neves wrote:
>> I agree. There´s no such thing as 100% secure, so hide Server signature
>> I really think make thinks more hard. Perhaps enougth to make somebody
>> giveup.
>> But I´m sure that it´s just one thing to do of a hole list, like firewall
>> tunning, etc ...
>> On Fri, Jul 4, 2008 at 6:33 PM, Thomas <iamkenzo at
>> <mailto:iamkenzo at>> wrote:
>>    I think that if an attacker doesn't immediately see the version
>>    number, he will move on to the next website that will have version
>>    number and is easier to attack. Phpbb removed the version number from
>>    the footer, and there is a reason for that.
>>    But how to edit Nginx' 404 page to not display "Nginx"?
> I see attack urls against various pieces of software I've never had
> installed on my system in the logs fairly frequently.
> Most modern attackers aren't going to try and determine your software
> version they're just going to try various attacks hoping to find one that
> works.
> Janzert

More information about the nginx mailing list