修改或隐藏Nginx响应头server信息和版本号信息

发表于:2023年11月22日 17点27分 0 阅读 1评论 3点赞

修改或隐藏Nginx响应头server信息和版本号信息

隐藏 nginx 版本号信息

隐藏 nginx 版本号信息只需要在 nginx 配置文件全局段添加 server_tokens off;然后重启 nginx即可生效。

http{
    server_tokens off;
}

修改请求响应头中的server信息

nginx要实现隐藏或修改响应头 server 信息的方法目前只有重新编译部署

修改src/core/nginx.h文件

修改前:

修改后:

#define nginx_version      1024000
#define NGINX_VERSION      "1.0"
#define NGINX_VER          "mm/" NGINX_VERSION

#ifdef NGX_BUILD
#define NGINX_VER_BUILD    NGINX_VER " (" NGX_BUILD ")"
#else
#define NGINX_VER_BUILD    NGINX_VER
#endif

#define NGINX_VAR          ""
#define NGX_OLDPID_EXT     ".oldbin"

修改请求响应头中的server信息

修改src/http/ngx_http_header_filter_module.c文件

修改前:

static u_char ngx_http_server_string[] = "Server: nginx" CRLF;
static u_char ngx_http_server_full_string[] = "Server: " NGINX_VER CRLF;
static u_char ngx_http_server_build_string[] = "Server: " NGINX_VER_BUILD CRLF;

修改后:

static u_char ngx_http_server_string[] = "Server: mm" CRLF;
static u_char ngx_http_server_full_string[] = "Server: mm" CRLF;
static u_char ngx_http_server_build_string[] = "Server: " NGINX_VER_BUILD CRLF;

修改nginx返回的默认页面中的server信息

修改src/http/ngx_http_special_response.c文件

修改前:

static u_char ngx_http_error_full_tail[] =
"<hr><center>" NGINX_VER "</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;


static u_char ngx_http_error_build_tail[] =
"<hr><center>" NGINX_VER_BUILD "</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;


static u_char ngx_http_error_tail[] =
"<hr><center>nginx</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;

修改后:

static u_char ngx_http_error_full_tail[] =
"<hr><center>mm</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;


static u_char ngx_http_error_build_tail[] =
"<hr><center>mm</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;


static u_char ngx_http_error_tail[] =
"<hr><center>mm</center>" CRLF
"</body>" CRLF
"</html>" CRLF
;

全部修改完毕后进行重新编译,重启即可生效

0 0
{{c.name}} {{c.create_time|simymdhm}} {{c.like_num}}
{{c.content}}