Nginx installation and upgrade fix HTTP header information leakage Nginx version information vulnerability (and keep https configuration)

2024-07-08

1. Preparation
2. Modify the name and version information of nginx used by the web server
- 2.1 Modify the following three files:
2.2 Recompile nginx
2.3 nginx start and stop commands
2.4 Browser console packet capture can see:

1. Preparation

(1) Download the latest stable version of nginx package
Official website download address: https://nginx.org/en/download.html insert image description here

(2) Copy the nginx package to the server and decompress it (# decompress it to the current directory tar -zxvf resource package)
(3) Back up the server nginx.conf file and ssl certificate file

2. Modify the name and version information of nginx used by the web server

2.1 Modify the following three files:

(1) nginx.h file in the src/core directory

 #define NGINX_VERSION   "" 
 #define NGINX_VER   "CSDN" NGINX_VERSION

(2) ngx_http_header_filter_module.c file in the src/http directory

 static u_char ngx_http_server_string[] = "Server: CSDN" CRLF;

(3) ngx_http_special_response.c file in the src/http directory

 static u_char ngx_http_error_tail[] =
 "

Technology Sharing