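Hiding/removing the nginx version number and the X-Powered-By response header
This article was last updated 110 days ago and the information in it may be out of date. If you find an error, please send an e-mail to baicola@126.com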

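To hide the Server information (the nginx version number), add server_tokens off to the http block of nginx.conf. The Server header then no longer carries the nginx version number: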

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    server_tokens off;  # hide the nginx version number

    server {
        listen 80;
        server_name www.buruyouni.com;
        location / {
            if (!-e $request_filename){
                rewrite ^/(.*)$ /index.php/$1 last;
            }
            index index.php index.html index.phtml index.htm;
            root /usr/local/nginx/html/yafcms/public;
        }
        location ~ \.php(.*)$ {
            root /usr/local/nginx/html/yafcms/public;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_split_path_info ^(.+\.php)(.*)$;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $fastcgi_path_info;
            fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
            include fastcgi_params;
        }
    }
}

Removing the Server response header

Component: headers-more-nginx-module

GitHub: https://github.com/openresty/headers-more-nginx-module

Download the nginx module

# Example directory: /app/tools
cd /app/tools/
# Download the module
wget https://github.com/openresty/headers-more-nginx-module/archive/v0.33.tar.gz
# Extract it
tar -zxvf v0.33.tar.gz

Load the module

# Show the build parameters (take the part after "configure arguments:")
/app/nginx/sbin/nginx -V
# Build in the nginx source directory
cd /app/nginx-1.12.2/
# Append --add-module=/app/tools/headers-more-nginx-module-0.33 to the configure arguments obtained above
./configure --prefix=/app/nginx112 --add-module=/app/tools/headers-more-nginx-module-0.33
# Compile only; remember, do not run make install
make
# Back up the existing binary
cp /app/nginx112/sbin/nginx /app/nginx112/sbin/nginx.bak
# Overwrite it (enter y when prompted to confirm)
cp -f /app/nginx-1.12.2/objs/nginx /app/nginx112/sbin/nginx

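Modify the configuration

vim /app/nginx112/conf/nginx.conf
# Add this directive (in the http block)
more_clear_headers 'Server';
PS:

The configuration above only clears Server: nginx/1.12.2 from the HTTP response headers. For detailed usage, read the reference documentation;
the module supports adding, modifying and clearing response headers.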

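Restart nginx

systemctl restart nginx
# Choose the restart command that matches your system
/app/nginx112/sbin/nginx -s stop
/app/nginx112/sbin/nginx
PS:

A plain reload may not take effect, because reload only re-reads the configuration in the already running master process, which is still the old binary without the module.

More about headers-more-nginx-module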

Synopsis

 # set the Server output header
 more_set_headers 'Server: my-server';
 
 # set and clear output headers
 location /bar {
     more_set_headers 'X-MyHeader: blah' 'X-MyHeader2: foo';
     more_set_headers -t 'text/plain text/css' 'Content-Type: text/foo';
     more_set_headers -s '400 404 500 503' -s 413 'Foo: Bar';
     more_clear_headers 'Content-Type';
 
     # your proxy_pass/memcached_pass/or any other config goes here...
 }
 
 # set output headers
 location /type {
     more_set_headers 'Content-Type: text/plain';
     # ...
 }
 
 # set input headers
 location /foo {
     set $my_host 'my dog';
     more_set_input_headers 'Host: $my_host';
     more_set_input_headers -t 'text/plain' 'X-Foo: bah';
 
     # now $host and $http_host have their new values...
     # ...
 }
 
 # replace input header X-Foo *only* if it already exists
 more_set_input_headers -r 'X-Foo: howdy';

Description
This module allows you to add, set, or clear any output or input header that you specify.

This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing “builtin headers” like Content-Type, Content-Length, and Server.

It also allows you to specify an optional HTTP status code criteria using the -s option and an optional content type criteria using the -t option while modifying the output headers with the more_set_headers and more_clear_headers directives. For example,

 more_set_headers -s 404 -t 'text/html' 'X-Foo: Bar';

You can also specify multiple MIME types to filter out in a single -t option. For example,

 more_set_headers -t 'text/html text/plain' 'X-Foo: Bar';

Never use other parameters like charset=utf-8 in the -t option values; they will not work as you would expect.

Input headers can be modified as well. For example,

 location /foo {
     more_set_input_headers 'Host: foo' 'User-Agent: faked';
     # now $host, $http_host, $user_agent, and
     #   $http_user_agent all have their new values.
 }

The option -t is also available in the more_set_input_headers and more_clear_input_headers directives (for request header filtering) while the -s option is not allowed.

Unlike the standard headers module, this module’s directives will by default apply to all the status codes, including 4xx and 5xx.


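Hiding X-Powered-By: PHP/7.3.0

Method 1: in php.ini, change expose_php = On to expose_php = Off

At around line 370, change expose_php = On to expose_php = Off

Reload the nginx configuration and restart php-fpm so that the change takes effect.

Hiding X-Powered-By: PHP/7.3.0

Method 2: add the following to the nginx configuration: fastcgi_hide_header X-Powered-By;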
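
To confirm that the settings on this page took effect, the response headers can be checked after the restart. The script below is an added example, not part of the original post: the function name audit_headers, the exit codes and the three sample responses are constructed for illustration. It separates the three states the page walks through: version still visible, product name only (server_tokens off), and header removed (more_clear_headers, expose_php = Off or fastcgi_hide_header).

```bash
#!/usr/bin/env bash
# audit_headers: read raw HTTP response headers on stdin and report what the
# Server and X-Powered-By headers still disclose.
# Exit status: 0 = neither header present, 1 = product name only, 2 = version visible.
audit_headers() {
    local line name value status=0 cr
    cr=$(printf '\r')
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%"$cr"}                       # header lines on the wire end in CRLF
        case "$line" in *:*) ;; *) continue ;; esac   # skip status line and blank lines
        name=$(printf '%s' "${line%%:*}" | tr '[:upper:]' '[:lower:]')
        value=${line#*:}
        value=${value# }
        case "$name" in
            server|x-powered-by)
                if printf '%s' "$value" | grep -Eq '[0-9]+(\.[0-9]+)+'; then
                    echo "LEAK    $name: $value (version number visible)"
                    status=2
                else
                    echo "PARTIAL $name: $value (product name only)"
                    if [ "$status" -lt 1 ]; then status=1; fi
                fi
                ;;
        esac
    done
    if [ "$status" -eq 0 ]; then echo "OK      no Server or X-Powered-By header"; fi
    return "$status"
}

# Constructed sample responses (not captured from a real server).
BEFORE='HTTP/1.1 200 OK
Server: nginx/1.12.2
Content-Type: text/html
X-Powered-By: PHP/7.3.0'
TOKENS_OFF='HTTP/1.1 200 OK
Server: nginx
Content-Type: text/html'
AFTER='HTTP/1.1 200 OK
Content-Type: text/html'

# Demo on the default configuration sample.
# Against a live server (localhost is a placeholder): curl -sI http://localhost/ | audit_headers
printf '%s\n' "$BEFORE" | audit_headers || true
```

Run the check against a PHP URL as well as a static file, since X-Powered-By is only added to responses that come back from php-fpm.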


References:

Hiding the nginx version number and X-Powered-By (primeton, hide x-powered-by) - CSDN blog

https://github.com/openresty/headers-more-nginx-module

https://segmentfault.com/a/1190000018418253

Removing the Server HTTP header in Nginx: using headers-more-nginx-module - CSDN blog
