Hide Your NGINX Server Version

Banner grabbing is the act of scanning websites to find server information, including services and open ports. This technique is used during vulnerability assessments. Hiding your NGINX server version from scanning tools makes it harder for hackers to know which vulnerabilities can be exploited on your server.

Below we’ll cover how VPS and dedicated server administrators can view server header info and hide their NGINX server version.

Log into SSH or WebHost Manager (WHM) Terminal (if managing a cPanel server) as root before continuing.

You can use the following terminal command to check your current server information.

curl --head yourdomain.com

You can also view this information with online tools such as https://securityheaders.com and https://observatory.mozilla.org. However, you’ll still need to access the terminal to make necessary changes to your server.

In a default configuration, the first two lines of results will display the HTTP protocol, HTTP status code (200, 301, 302, etc.) for the info returned, and server version info. For example:

HTTP/2 200
server: nginx/1.16.7

We’ll remove that version number to make it just a little harder for cyber attackers to infect your server.

  1. Edit the NGINX configuration file:
    nano /etc/nginx/nginx.conf
  2. Under the # HTTP Options and ## lines, add a new line:
    server_tokens off;
  3. Save changes: Ctrl + x.
  4. Check your NGINX server information:
    curl --head yourdomain.com

Note that these changes may take up to a few hours to reflect in header information, depending on system caching settings.
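The check in step 4 can be scripted so the result does not depend on reading the headers by eye. The following is an added example, not part of the original article: the function names are hypothetical, the sample headers are constructed from the output shown above, and `apply_and_verify` goes one step beyond the listed procedure by running `nginx -t` and `nginx -s reload` so the edited configuration is syntax-checked and loaded before the header is fetched.

```shell
#!/bin/sh
# Added example: classify the Server header returned by `curl --head`.
# Function names are hypothetical; they are not part of NGINX or curl.

# Print the value of the first Server header found on stdin.
# Header names are matched case-insensitively (HTTP/2 sends them lowercase).
server_banner() {
    tr -d '\r' | awk 'tolower($0) ~ /^server:/ {
        sub(/^[^:]*:[ \t]*/, ""); print; exit }'
}

# Succeed if the banner carries a version number, e.g. "nginx/1.16.7".
leaks_version() {
    printf '%s\n' "$1" | grep -Eq '/[0-9]+(\.[0-9]+)*'
}

# Read response headers on stdin and report one of three states.
check_headers() {
    banner=$(server_banner)
    if [ -z "$banner" ]; then
        echo "no-server-header"
    elif leaks_version "$banner"; then
        echo "version-exposed: $banner"
    else
        echo "version-hidden: $banner"
    fi
}

# Syntax-check the edited config, reload NGINX, then re-check the live header.
# Run as root on the server; $1 is the site to query (e.g. yourdomain.com).
apply_and_verify() {
    nginx -t || return 1        # do not reload a config that fails the test
    nginx -s reload || return 1
    curl --silent --head "$1" | check_headers
}

# Constructed sample: the default headers shown earlier in this article.
printf 'HTTP/2 200\nserver: nginx/1.16.7\n' | check_headers
```

After `server_tokens off;` is active, `apply_and_verify yourdomain.com` should report `version-hidden: nginx`; the header still names the server software, only the version number is dropped.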

There are many other ways to configure your NGINX web server for better website security. Check out our Support Center for more articles about advanced NGINX configuration.
