Disable server signature on nginx with modsecurity

nginx http-headers mod-security
5,789

Solution 1

Recompiling nginx with modsecurity-nginx connector worked. Followed this link to do this: compile nginx and modsecurity with nginx-modsecurity connector and included headers_more_module while compiling nginx.

Solution 2

If you are on Ubuntu the following should work:

  1. Install nginx-extras

    sudo apt-get install nginx-extras

  2. Edit /etc/nginx/nginx.conf and in the http block add:

    http {
    more_set_headers "Server: My_Custom_Server_Name";
    server_tokens off;
}

  3. Restart nginx

    sudo service nginx restart
Share:
5,789
TrickyExplorer
Author by

TrickyExplorer

Updated on September 18, 2022

Comments

  • TrickyExplorer
    TrickyExplorer almost 2 years

    I have compiled modsecurity and headers_more_module with nginx(1.13.6) on my ubuntu server. When modsecurity is not enabled at the nginx configuration, I am able to hide the origin server's name in the server responses:

    Server: nginx

    However, when modsecurity is enabled, I am getting the header in every response. How can I disable showing the server's signature with modsecurity enabled? Is there anything that should be modified in the modsecurity configuration to achieve this?

  • TrickyExplorer
    TrickyExplorer about 6 years
    I am on an ubuntu server. But, nginx-extras will work only if nginx was installed using apt-get. I have manually compiled nginx. Also, I need a solution for removing the header in the presence of modsecurity rather than just nginx.
  • TrickyExplorer
    TrickyExplorer about 6 years
    Could you please tell me when(to tweak the modsecurity configuration during compilation) and exactly which config file to add SecServerSignature?
  • ArtOfWarfare
    ArtOfWarfare about 3 years
    Also worked for me on a Raspberry Pi.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Proxy pass remote_user with nginx
nginx proxy_pass is setting port in response
nginx : add_header directive not working
NGINX Wordpress REST API not working with allow/deny in location block
Nginx map directive only matching default
nginx proxy_set_header x-forwarded-proto seemingly not working
how to get nginx to gzip all files and add an expires header
Content disposition header on Nginx
Install Mod_Security for Nginx without need to recompile
How to keep Authentication header with redirect using NGINX ingress annotations