How to hide the server version?
Janzert
janzert at janzert.com
Sat Jul 5 07:52:05 MSD 2008
Marcos Neves wrote:
> I agree. There´s no such thing as 100% secure, so hide Server signature
> I really think make thinks more hard. Perhaps enougth to make somebody
> giveup.
> But I´m sure that it´s just one thing to do of a hole list, like
> firewall tunning, etc ...
>
> On Fri, Jul 4, 2008 at 6:33 PM, Thomas
> <iamkenzo at gmail.com
> <mailto:iamkenzo at gmail.com>> wrote:
>
> I think that if an attacker doesn't immediately see the version
> number, he will move on to the next website that will have version
> number and is easier to attack. Phpbb removed the version number from
> the footer, and there is a reason for that.
>
> But how to edit Nginx' 404 page to not display "Nginx"?
>
I see attack urls against various pieces of software I've never had
installed on my system in the logs fairly frequently.
Most modern attackers aren't going to try and determine your software
version they're just going to try various attacks hoping to find one
that works.
Janzert
More information about the nginx
mailing list