How to Hide Your NGINX Server Version

Banner grabbing is the act of scanning websites to collect server information, including running services and open ports. This technique is used during vulnerability assessments. Hiding your server version from scanning tools makes it harder for attackers to know which vulnerabilities can be exploited on your server.

We use many internal tools for enhanced server security. This is only one of many ways to secure your VPS.

Below we cover how VPS / Dedicated system administrators can view server header info and hide the NGINX server version.

Log into SSH or Web Host Manager (WHM) Terminal before continuing.

You can use the curl --head domain.com command to check your server information. The first two lines of results display the HTTP protocol, HTTP status code for the info returned, and server information. For example:

HTTP/2 200
server: nginx/1.16.7

We’ll remove that version number.

You’ll need root access before continuing.

Hide NGINX Version

  1. Edit the NGINX configuration file: nano /etc/nginx/nginx.conf
  2. Under the # HTTP Options and ## lines, add a new line:
    server_tokens off;
  3. Save changes: Ctrl + x
  4. Check your server information: curl --head domain.com

Note that these changes may take up to a week to reflect in header information.
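
The check in steps 1 to 4 can be scripted. The following is an added example, not part of the original article: it extracts the Server header from curl --head output and confirms that the configuration text contains an active server_tokens off; line. The function names and the sample headers and configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit response headers and nginx.conf text for version disclosure.

# Print the Server header value from raw response headers on stdin.
# Header names are case-insensitive; curl output uses CRLF line endings.
server_header() {
    tr -d '\r' | awk 'tolower($0) ~ /^server:/ { sub(/^[^:]*:[ \t]*/, ""); print; exit }'
}

# Return 0 if the header value still carries a version, e.g. nginx/1.16.7.
leaks_version() {
    printf '%s\n' "$1" | grep -Eq '^nginx/[0-9]'
}

# Return 0 if the config text on stdin has an active "server_tokens off;" line.
# Comments are stripped first. This is a line-level check: it does not track
# which block the directive is in or whether a later block overrides it.
tokens_off() {
    sed 's/#.*//' | grep -Eq '^[[:space:]]*server_tokens[[:space:]]+off[[:space:]]*;'
}

# Summarise one set of response headers as "LEAK: ..." or "OK: ...".
audit() {
    value=$(printf '%s\n' "$1" | server_header)
    if leaks_version "$value"; then
        echo "LEAK: $value"
    else
        echo "OK: ${value:-no Server header}"
    fi
}

# Constructed samples: headers before and after the change, and a config excerpt.
# After the change the header still names the product, only the version is gone.
BEFORE='HTTP/2 200
server: nginx/1.16.7'
AFTER='HTTP/2 200
server: nginx'
CONF='http {
    # server_tokens on;
    server_tokens off;
}'

audit "$BEFORE"
audit "$AFTER"
if printf '%s\n' "$CONF" | tokens_off; then
    echo "config: server_tokens off is set"
fi
```

On a live server, pipe curl --silent --head domain.com into server_header and /etc/nginx/nginx.conf into tokens_off. NGINX reads its configuration at start or reload, so validate the edited file with nginx -t and reload the service before re-checking.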

Learn more about how to secure your server with our Managed Hosting team and Launch Assist today.
