Can I hide all server / os info?

You can stop it outputting the version of Nginx and OS by adding

server_tokens off;

to a http, server, or location context.

Or if you want to remove the Server header completely, you need to compile Nginx with the Headers More module in, as the header is hard coded in the Nginx source, and this module allows changing any http headers.

 more_clear_headers Server;

However, there are many hidden ways servers perform by accident via their implementation which may help identify the system. e.g. How it responds to a bad SSL request. I don’t see a practical way of preventing this.

Some of the things I might suggest:

  • change error templates
  • block all ports except the services needed

Related Posts:

  1. How can I use environment variables in Nginx.conf
  2. “413 Request Entity Too Large” in Nginx with “client_max_body_size” set
  3. Nginx: Failed to start A high performance web server and a reverse proxy server
  4. NGINX: upstream timed out (110: Connection timed out) while reading response header from upstream
  5. How to fix nginx throws 400 bad request headers on any header testing tools?
  6. nginx – nginx: [emerg] bind() to [::]:80 failed (98: Address already in use)
  7. How to use NGINX as forward proxy for any requested location?
  8. How to verify if nginx is running or not?
  9. “configuration file /etc/nginx/nginx.conf test failed”: How do I know why this happened?
  10. Nginx: stat() failed (13: permission denied)
  11. nginx – two subdomain configuration
  12. GeoIP.dat.gz and GeoLiteCity.dat.gz not longer available? Getting 404 trying to load it
  13. wp-json/ return 404, but wp-json/wp/v2/ works fine on my nginx server
  14. ERR_TOO_MANY_REDIRECTS status 302, how to configure NGINX locations to work with AWS ALB?
  15. NGINX conf on WP Multisite enabled — subdirectory — images fail to load after updates
  16. Configuring Routing Rules for WordPress+Nginx and WP-SuperCache?
  17. Installation failed: Could not create directory – CentOS 7
  18. REST API parameters not working with nginx
  19. Difference between these two nginx try_files statements for WordPress?
  20. How to test drive WordPress on VPS with LEMP stack before going live?
  21. nginx.conf appeared in all WordPress installations on folder
  22. nginx php-fpm, and auto updates?
  23. WordPress and nginx, download some pages instead of serving them
  24. nginx wordpress subdirectory Invalid post type
  25. Nginx + Redirection Plugin breaks Permalinks [closed]
  26. ERROR: No such service: nginx when building wordpress with docker [closed]
  27. Nginx tries the wrong file when http_cookie matches logged_in
  28. Site resolves to www in Firefox and without in Chrome
  29. WordPress Nginx Won’t 404
  30. WordPress file not found and 403 forbidden
  31. Correct regex for Nginx FastCGI cache?
  32. Random occurences of 502 Bad Gateway using WordPress and Nginx
  33. SSL via different domain & path with NGINX/PHP-FPM/WP
  34. Limit file downloads to logged in users (WP + Nginx)
  35. /blog/wp-json/ nginx return 404
  36. WordPress with Photocrati Theme keeps resetting site URL – help solving underlying problem
  37. NGINX / WordPress Site – Increasing php.ini max_execution_time = 600 doesn’t work
  38. Nginx redirects to an extra subdirectory
  39. Something is injecting a slash after any static file response , server is nginx
  40. Custom permalinks not work on Nginx + Apache
  41. Last-Modified header is removed from server response!
  42. Do I need a DNS on a home network?
  43. 504 Gateway Time-out nginx/1.14.0 (Ubuntu)
  44. WordPress + Nginx (Lightsail) problem with ajax
  45. Can I do fragment caching with NGINX fastcgi?
  46. Proxy caching WordPress with Nginx
  47. How to configure nginx for wordpress
  48. Pagespeed Error in Nginx
  49. Rewrite old post images to https
  50. Varnish + Nginx for WordPress is Good?
  51. Must I install a plugin for Nginx object caching? [closed]
  52. Access denied unless I add trailing /
  53. Pages, aside from admin-side and the home page, read “500 Internal Server Error – nginx/1.1.19”.
  54. Nginx how to redirect index.php
  55. In Nginx, how can I rewrite all http requests to https while maintaining sub-domain?
  56. Why do I need Nginx and something like Gunicorn?
  57. Nginx reverse proxy + URL rewrite
  58. How can I see which flags Nginx was compiled with?
  59. How to force or redirect to SSL in nginx?
  60. How do I add Access-Control-Allow-Origin in NGINX?
  61. nginx HTTPS serving with same config as HTTP
  62. How to reply with 200 from Nginx, without serving a file?
  63. Nginx config reload without downtime
  64. How do you restart php-fpm?
  65. Difference in sites-available vs sites-enabled vs conf.d directories (Nginx)?
  66. Nginx enable site command
  67. How to remove the path with an nginx proxy_pass
  68. How to output variable in nginx log for debugging
  69. Make nginx to pass hostname of the upstream when reverseproxying
  70. connect() failed (111: Connection refused) while connecting to upstream
  71. Nginx 1 FastCGI sent in stderr: “Primary script unknown”
  72. Nginx: How do I forward an HTTP request to another port?
  73. Setting expires headers for static content served from nginx
  74. How to restart nginx?
  75. How to disable timeout for nginx?
  76. What does this nginx error “rewrite or internal redirection cycle” mean?
  77. How does try_files work?
  78. nginx – client request body is buffered to a temporary file
  79. Do you need separate IPv4 and IPv6 listen directives in nginx?
  80. an upstream response is buffered to a temporary file
  81. Disable caching when serving static files with Nginx (for development)
  82. How to make a modification take affect without restarting nginx?
  83. How to use nested Nginx location blocks (prefixes vs. regex directives)?
  84. Nginx Redirect via Proxy, Rewrite and Preserve URL
  85. Nginx – root versus alias, for serving single files?
  86. Why do I need nginx when I have uWSGI
  87. What’s the difference between the “mainline” and “stable” branches of nginx?
  88. Nginx redirect one path to another
  89. Remove “www” and redirect to “https” with nginx
  90. Loading WordPress Site Inside iframe won’t allow users to login
  91. 400 Bad Request – request header or cookie too large
  92. ERROR 1045 (28000): Access denied for user ‘root’@’localhost’ (using password: YES)
  93. Unable to locate package libapache2-mod-php7
  94. Removing all installed OpenCV libs
  95. whats the meaning of curl “-s” and “-m”
  96. nginx progy pass doesn’t work in WordPress admin
  97. NGinx + WordPress Subdomain Multi with core in Subdirectory
  98. Receiving 404 when uploading file larger than 10kb
  99. 403 Forbidden home on localhost with nginx server
  100. I have cloudflare flexible enabled, How to redirect to https for Nginx server

Leave a Comment