nginx隐藏php头信息,隐藏nginx响应头,修改nginx返回头信息,隐藏php版本号,隐藏服务器信息...

隐藏服务器信息可以让服务器更加的安全,响应头中隐藏nginx版本号 隐藏php信息尤为重要,本例中分别介绍了隐藏nginx响应头信息,隐藏php返回头信息。

首先隐藏nginx版本信息，只需编辑 nginx.conf 文件

添加一行

server_tokens off;

http {

????include??????/etc/nginx/mime.types;

????default_type? application/octet-stream;

????index index.php index.html index.htm;

????server_tokens off;

????log_format? main?'$remote_addr - $remote_user [$time_local] "$request" '

??????????????????????'$status $body_bytes_sent "$http_referer" '

??????????????????????'"$http_user_agent" "$http_x_forwarded_for"';

????access_log?/var/log/nginx/access.log? main;

????sendfile??????? on;

????#tcp_nopush???? on;

????keepalive_timeout? 65;

????#gzip? on;

????include/etc/nginx/conf.d/*.conf;

}

响应头隐藏PHP版本休息,编辑php.ini文件找到expose_php = On , 修改为?expose_php = Off

;;;;;;;;;;;;;;;;;

; Miscellaneous ;

;;;;;;;;;;;;;;;;;

; Decides whether PHP may expose the fact that it is installed on the server

; (e.g. by adding its signature to the Web server header).? It is no security

; threat in any way, but it makes it possible to determine whether you use PHP

; on your server or not.

; http://www.php.net/manual/en/ini.core.php#ini.expose-php

expose_php = Off