Home CentOS How to Hide Version Numbers of Nginx and PHP on a LEMP Server

How to Hide Version Numbers of Nginx and PHP on a LEMP Server

CentOS By · October 1, 2019 · 0 Comment Share


If you are running one or more websites based on the LEMP stack, a practical security measure is to hide the version numbers of Nginx and PHP. This would prevent hackers from using version-specific security breaches to attack your servers.

Let’s have a look at how to implement this measure on a Vultr WordPress server instance which is based on the LEMP stack. All of the instructions in this article should apply to other LEMP-based Vultr apps as well.

Determine current visibility of version numbers

curl -I [your-server-IP]:80

Then you will see the result, which resembles:

HTTP/1.1 200 OK
Server: nginx/1.10.0
Date: Fri, 06 May 2016 04:11:38 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Powered-By: PHP/5.6.20
Link: <http://[your-server-IP]/wp-json/>; rel="https://api.w.org/"

As you see, on my server, the version number of Nginx is 1.10.0, and the version number of PHP is 5.6.20.

Hide the version number of Nginx

Display Nginx configuration details:

nginx -V

Among those parameters, find the parameter “–conf-path” which defines the location of the Nginx configuration file:

--conf-path=/etc/nginx/nginx.conf

Modify the Nginx configuration file with vi:

sudo vi /etc/nginx/nginx.conf

Add a configuration sentence server_tokens off; within the http { } segment:

http {
    ... 
    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    server_tokens  off;    #<= The sentence is added Here.

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

Save and quit:

:wq

Edit the fastcgi configuration file:

sudo vi /etc/nginx/fastcgi_params

Replace the line:

fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

With:

fastcgi_param  SERVER_SOFTWARE    nginx;

Save and quit:

:wq

Hide the version number of PHP

Modify the PHP configuration file:

sudo vi /etc/php.ini

Find the line:

expose_php = On

Modify it to:

expose_php = Off

Save and quit:

:wq

Finally, put your modifications into effect:

sudo pkill php-fpm
sudo php-fpm
sudo service nginx restart

Verify your modifications:

curl -I [your-server-IP]:80

The version info of Nginx and PHP are no longer visible:

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 06 May 2016 05:16:43 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Link: <http://[your-server-IP ]/wp-json/>; rel="https://api.w.org/"

Want to contribute?

You could earn up to $300 by adding new articles

Submit your article
Suggest an update
Request an article

How VPS

Related Posts

Install Imagemagick on CentOS

June 28, 2023 0
This is how I installed Imagemagick on a vanilla CentOS server Start off by installing the prerequisites yum install php-pear gcc php-devel php-pear Issue the following to verify whether you… Read more
Failed to download metadata for repo 'appstream' on Centos 8

How to fix error: Failed to download metadata for repo ‘appstream’ on Centos 8

February 25, 2022 0
I tried to update some extensions by use yum on centOs which I specified in Dockerfile. After pulling centOs image the run crushed and throw this error!? And i have... Read more
How to Install BoltWire CMS on CentOS 7

How to Install BoltWire CMS on CentOS 7

October 1, 2019 0
Using a Different System? How to Install BoltWire CMS on CentOS 7? Are we missing a guide for your target system? Request one, or submit your own! Introduction BoltWire is... Read more

Setup HTTP Authentication With Nginx on CentOS 7

October 1, 2019 0
In this guide, you will learn how to Setup HTTP Authentication With Nginx on CentOS 7 (setup HTTP authentication for an Nginx web server running on CentOS 7). Setup HTTP... Read more
Setup NGINX with ModSecurity on CentOS 6

Setup NGINX with ModSecurity on CentOS 6

October 1, 2019 0
In this article, I will explain how to build a LEMP stack protected by ModSecurity. ModSecurity is an open-source web application firewall that is useful to protect against injects, PHP... Read more
How to Install Foreman on CentOS 7

How to Install Foreman on CentOS 7

October 1, 2019 0
How to Install Foreman on CentOS 7 Using a Different System? Are we missing a guide for your target system? Request one, or submit your own! Foreman is a free... Read more
Install ModSecurity and OWASP on CentOS 6 and Apache 2

ModSecurity and OWASP on CentOS 6 and Apache 2

October 1, 2019 0
Install ModSecurity and OWASP on CentOS 6 and Apache 2 – ModSecurity is a web application layer firewall designed to work with IIS, Apache2 and Nginx. It is free, open-source... Read more
Install BigTree CMS on a CentOS 7

How to Install BigTree CMS 4.2 on a CentOS 7 LAMP VPS

October 1, 2019 0
BigTree CMS 4.2 is a fast and lightweight, free and open source, enterprise-grade Content Management System (CMS) with extensive and extensible content management capabilities. Notable BigTree CMS features include: full... Read more
How to Install CWP on CentOS 7

How to Install CentOS Web Panel (CWP) on CentOS 7

October 1, 2019 0
CentOS Web Panel, or CWP, is a powerful, open source web hosting control panel designed for CentOS, RHEL, and CloudLinux. With the help of CWP, system administrators can easily perform... Read more
How To Install The Command Line Cheat Sheet On Linux

How To Install The Command Line Cheat Sheet On Linux

October 1, 2019 0
How To Install The Command Line Cheat Sheet On Linux? Introduction Cheat is a python-based command reminder tool. Compared to lengthy and vague man and info pages, cheat provides distinct... Read more

Leave a Reply

Your email address will not be published. Required fields are marked *