有时候某某版本的服务器可能会爆一些漏洞,黑客就会用工具扫描你的服务器软件版本,发现如果是存在漏洞的版本的话就会把你定为攻击对象,所以隐藏服务器的版本号也是一种服务器安全措施。下面我就教大家如何隐藏服务器的本版号: 转载地址:http://www.pc-pub.com/article-956-1.html

Nginx的配置文件修改如:(一般在/usr/local/nginx/conf/nginx.conf)

http {
......                                                            //省略配置
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
tcp_nodelay on;
server_tokens off;
.......                                                    //省略配置
}

修改后重启nginx:

#nginx /usr/local/nginx/sbin/nginx -s reload

修改前后情况对比:

[root@localhost ~]# curl --head 127.0.0.1
HTTP/1.1 403 Forbidden
Server: nginx/0.8.46
Date: Fri, 11 Mar 2011 08:26:51 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 169
Connection: keep-alive


                    
[root@localhost ~]# curl --head 127.0.0.1
HTTP/1.1 403 Forbidden
Server: nginx
Date: Fri, 11 Mar 2011 08:26:58 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 162
Connection: keep-alive

如果你服务器跑的是nginx+php-fpm,还得编辑php-fpm配置文件,如fcgi.conf、fastcgi.conf(在路径/usr/local/nginx/conf/),查看403报错的时候有没有泄露nginx的版本信息:

fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
            
改为

fastcgi_param SERVER_SOFTWARE nginx;

最后重启nginx:/usr/local/webserver/nginx/sbin/nginx -s reload