<ruby id="bdb3f"></ruby>

    <p id="bdb3f"><cite id="bdb3f"></cite></p>

      <p id="bdb3f"><cite id="bdb3f"><th id="bdb3f"></th></cite></p><p id="bdb3f"></p>
        <p id="bdb3f"><cite id="bdb3f"></cite></p>

          <pre id="bdb3f"></pre>
          <pre id="bdb3f"><del id="bdb3f"><thead id="bdb3f"></thead></del></pre>

          <ruby id="bdb3f"><mark id="bdb3f"></mark></ruby><ruby id="bdb3f"></ruby>
          <pre id="bdb3f"><pre id="bdb3f"><mark id="bdb3f"></mark></pre></pre><output id="bdb3f"></output><p id="bdb3f"></p><p id="bdb3f"></p>

          <pre id="bdb3f"><del id="bdb3f"><progress id="bdb3f"></progress></del></pre>

                <ruby id="bdb3f"></ruby>

                合規國際互聯網加速 OSASE為企業客戶提供高速穩定SD-WAN國際加速解決方案。 廣告
                # 隱藏nginx版本號的安全性和方法 [TOC]   搭建好nginx或者apache,為了安全起見我們都會隱藏他們的版本號,這邊講的是nginx的版本號,如果你也想隱藏apache的版本號,那請點前面的鏈接。請看nginx版本號信息隱藏文章。 ## 查看Nginx默認是顯示版本號 ~~~ curl -I localhost HTTP/1.1 200 OK Server: nginx/1.2.9 Date: Wed, 30 Dec 2015 01:44:34 GMT Content-Type: text/html Content-Length: 612 Last-Modified: Tue, 03 Nov 2015 14:31:43 GMT Connection: keep-alive Accept-Ranges: bytes ~~~   這樣就給別人看到服務器nginx版本是1.2.9,前些時間暴出了一些Nginx版本漏洞,就是說有些版本有漏洞,而有些版本沒有。這樣暴露出來的版本號就容易變成攻擊者可利用的信息。所以,從安全的角度來說,隱藏版本號會相對安全些!    ## 編輯nginx主配置文件   進入nginx配置文件的目錄,在`http { }`段里加上`server_tokens off;` 如: ~~~ http { server_tokens off; include mime.types; default_type application/octet-stream; ... 省略其他 ... } ~~~ ## 編輯php-fpm配置文件   如fastcgi.conf或fcgi.conf(這個配置文件名也可以自定義的,根據具體文件名修改): 找到: `fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;` 改為: `fastcgi_param SERVER_SOFTWARE nginx;` ## 測試、重載nginx配置 ~~~ nginx -t # 得到如下結果: nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful ## 重載配置 nginx -s reload ~~~ ## 查看修改后的結果 ### 修改前響應頭信息如下 > Cache-control:private Connection:keep-alive Content-Type:text/html; charset=utf-8 Date:Wed, 30 Dec 2015 01:51:20 GMT Expires:Thu, 19 Nov 1981 08:52:00 GMT Pragma:no-cache Server:**nginx/1.2.9** Transfer-Encoding:chunked X-Powered-By:ThinkPHP **修改前響應頭效果如下圖所示** ![](https://box.kancloud.cn/2015-12-30_56833fac1b246.png)    * * * * * ### 修改后響應頭信息如下 > Cache-control:private Connection:keep-alive Content-Type:text/html; charset=utf-8 Date:Wed, 30 Dec 2015 01:53:11 GMT Expires:Thu, 19 Nov 1981 08:52:00 GMT Pragma:no-cache **Server:nginx** Transfer-Encoding:chunked X-Powered-By:ThinkPHP **修改后響應頭效果如下圖所示** ![](https://box.kancloud.cn/2015-12-30_56833fb6abc60.png)
                  <ruby id="bdb3f"></ruby>

                  <p id="bdb3f"><cite id="bdb3f"></cite></p>

                    <p id="bdb3f"><cite id="bdb3f"><th id="bdb3f"></th></cite></p><p id="bdb3f"></p>
                      <p id="bdb3f"><cite id="bdb3f"></cite></p>

                        <pre id="bdb3f"></pre>
                        <pre id="bdb3f"><del id="bdb3f"><thead id="bdb3f"></thead></del></pre>

                        <ruby id="bdb3f"><mark id="bdb3f"></mark></ruby><ruby id="bdb3f"></ruby>
                        <pre id="bdb3f"><pre id="bdb3f"><mark id="bdb3f"></mark></pre></pre><output id="bdb3f"></output><p id="bdb3f"></p><p id="bdb3f"></p>

                        <pre id="bdb3f"><del id="bdb3f"><progress id="bdb3f"></progress></del></pre>

                              <ruby id="bdb3f"></ruby>

                              哎呀哎呀视频在线观看