安全优化-隐藏版本号server_tokens
Syntax: server_tokens on | off | build | string;
Default: server_tokens on;
Context: http, server, location
在主配置文件nginx.conf、虚拟主机的配置文件中配置,选一个配置即可
官方文档地址:http://nginx.org/en/docs/http/ngx_http_core_module.html#server_tokens
在主配置文件nginx.conf加入
[root@web01 conf]# cat /application/nginx/conf/nginx.conf
worker_processes 2;
error_log logs/error.log;
#配置Nginx worker进程最大打开文件数
worker_rlimit_nofile 65535;
user www www;
events {
#单个进程允许的客户端最大连接数
worker_connections 20480;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
#访问日志配置
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#虚拟主机
include /application/nginx/conf/extra/www.conf;
include /application/nginx/conf/extra/blog.conf;
include /application/nginx/conf/extra/bbs.conf;
include /application/nginx/conf/extra/edu.conf;
include /application/nginx/conf/extra/phpmyadmin.conf;
include /application/nginx/conf/extra/status.conf;
#隐藏版本号
server_tokens off;
}
但是 ! 但是! 但是!
如果nginx代理是多层代理,每一层都要加上上面的参数!!!
不然依然会显示下层nginx的版本号!!!