How to hide the server version?

stan stanislasmazurek at gmail.com
Mon Jul 7 17:13:43 MSD 2008


You might find some answers in the following guide, courtesy of
Calomel : https://calomel.org/nginx.html

Stan

On Sat, Jul 5, 2008 at 12:52 PM, Janzert <janzert at janzert.com> wrote:
> Marcos Neves wrote:
>>
>> I agree. There´s no such thing as 100% secure, so hide Server signature
>> I really think make thinks more hard. Perhaps enougth to make somebody
>> giveup.
>> But I´m sure that it´s just one thing to do of a hole list, like firewall
>> tunning, etc ...
>>
>> On Fri, Jul 4, 2008 at 6:33 PM, Thomas <iamkenzo at gmail.com
>> <mailto:iamkenzo at gmail.com>> wrote:
>>
>>    I think that if an attacker doesn't immediately see the version
>>    number, he will move on to the next website that will have version
>>    number and is easier to attack. Phpbb removed the version number from
>>    the footer, and there is a reason for that.
>>
>>    But how to edit Nginx' 404 page to not display "Nginx"?
>>
>
> I see attack urls against various pieces of software I've never had
> installed on my system in the logs fairly frequently.
>
> Most modern attackers aren't going to try and determine your software
> version they're just going to try various attacks hoping to find one that
> works.
>
> Janzert
>
>
>





More information about the nginx mailing list