问题:
可通过HTTP获取远端WWW服务信息 | 低 | 本插件检测远端HTTP Server信息。这可能使得攻击者了解远程系统类型以便进行下一步的攻击。 | NSFOCUS建议您采取以下措施以降低威胁:
* 改变您的HTTP服务器的缺省banner。 | 未修复 |
前言
漏洞啊,漏洞啊,要先停止nginx服务
步骤
解压安装包
使用的是一键部署包,所以要单独拿出来搞下~
# Unpack the nginx source tarball (-x extract, -z gunzip, -v list files, -f archive).
# NOTE(review): check the tarball against the signature or checksum published by
# its source before unpacking; what is built from it gets installed on the server.
tar -xzvf nginx-1.16.1.tar.gz
修改文件ngx_http_header_filter_module.c
# Enter the HTTP module sources and open the file that builds the Server header.
# The shell stays in nginx-1.16.1/src/http after this step.
cd nginx-1.16.1/src/http
vi ngx_http_header_filter_module.c
# 要修改的配置
/* Upstream definitions of the Server response header. The first carries only
 * the product name; the second and third embed the version macros NGINX_VER
 * and NGINX_VER_BUILD. Which one is sent is decided elsewhere in this file
 * (presumably by the server_tokens setting; confirm in the header filter). */
static u_char ngx_http_server_string[] = "Server: nginx" CRLF;
static u_char ngx_http_server_full_string[] = "Server: " NGINX_VER CRLF;
static u_char ngx_http_server_build_string[] = "Server: " NGINX_VER_BUILD CRLF;
修改为:
/* All three variants now carry the same fixed value, so neither the product
 * name nor the version is sent whichever one is selected. "unknow" is an
 * arbitrary placeholder string.
 * NOTE(review): this covers only the header built from these three strings.
 * Upstream nginx also has hard-coded "nginx" text in its HTTP/2 header filter
 * and its built-in error pages. Verify with a request against the rebuilt
 * server (e.g. curl -I) and grep the source tree if the scanner still reports
 * the banner. */
static u_char ngx_http_server_string[] = "Server: unknow" CRLF;
static u_char ngx_http_server_full_string[] = "Server: unknow" CRLF;
static u_char ngx_http_server_build_string[] = "Server: unknow" CRLF;
重新编译
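# Go back to the top of the source tree: the edit step left the shell in
# nginx-1.16.1/src/http/, so a relative "cd nginx-1.16.1" would fail from there.
cd ../..
# --prefix is the nginx install directory (/usr/local/nginx here).
# Before rebuilding, run "nginx -V" on the existing binary and reuse its
# configure arguments; otherwise modules the running server relies on are
# silently left out of the new build. "make install" installs over the files
# under --prefix, so stop nginx first.
./configure --prefix=/usr/local/nginx && make && make install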
编译报错信息
#提示需要PCRE库
./configure: error: the HTTP rewrite module requires the PCRE library.
You can either disable the module by using --without-http_rewrite_module
option, or install the PCRE library into the system, or build the PCRE library
statically from the source with nginx by using --with-pcre=<path> option.
解决方法
# Install the PCRE development package that ./configure reported missing;
# -y answers yum's confirmation prompts automatically.
yum install -y pcre-devel
再次编译
# Re-run the build now that PCRE is available: configure, compile, install.
# Each step runs only if the previous one succeeded.
./configure --prefix=/usr/local/nginx \
  && make \
  && make install
# Full build with extra modules, OpenSSL and PCRE compiled in from local source
# directories, and jemalloc linked in. Despite the original label ("install
# dependencies"), this configures, compiles and installs nginx itself.
# Requires ./openssl-1.0.2t and ./pcre-8.43 in the current directory and the
# jemalloc library on the system.
# NOTE(review): no --prefix is given here, so nginx's default install prefix
# applies; confirm it matches the existing installation.
# NOTE(review): OpenSSL built in via --with-openssl is not updated by the
# system package manager, and the 1.0.2 branch is end-of-life upstream;
# prefer a currently supported OpenSSL release for a TLS-facing server.
./configure \
  --with-http_stub_status_module \
  --with-http_v2_module \
  --with-http_ssl_module \
  --with-http_gzip_static_module \
  --with-http_realip_module \
  --with-http_flv_module \
  --with-http_mp4_module \
  --with-openssl=./openssl-1.0.2t \
  --with-pcre=./pcre-8.43 \
  --with-pcre-jit \
  --with-ld-opt='-ljemalloc' \
  && make \
  && make install