Server signature

Dennis Jacobfeuerborn dennisml at
Wed Dec 22 03:16:54 MSK 2010

On 12/21/2010 10:37 PM, Simon Leins wrote:
> Hi all,
> We are working on a project for a customer.
> For political reasons, the customer will refuse to have any non-IIS web
> servers. Since we deliver the service as SaaS, the customer can only see
> the OS fingerprint and server signature (together with a few other things
> like error pages).
> For the OS signature we are able to change it on the fly with a
> security/network appliance and make it looks unknown, but we now need to
> fake the web server signature. Rather than adding a proxy such as varnish
> in front, I am looking for the way to directly patch the source code to
> change the server signature.
> Could someone point me the file name to patch to get this done?
> As for curious, I work behind the scene so the end-user does not know my
> name :-)

Not sure what that last bit is supposed to mean but I hope you realize that 
you can get into big trouble contractually if you misrepresent the service 
to your customer. This might not sound like a big deal from a technical 
perspective but if anything goes wrong than you can basically be accused of 
fraud quite easily.


More information about the nginx mailing list