Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Camouflage Nginx Web server version to prevent invasion     - QBit development of micro-services (Server)

- Linux itself disguised illusion strengthen security (Linux)

- Oracle 11g user rights management study notes (Database)

- Linux operating system to solve a serious fault handling (Linux)

- Error: Unable to establish connection with FTP SFTP server (Server)

- Use mod_wsgi Django application deployment (Server)

- Linux see whether there is a hacker program (Linux)

- How to use the TF / SD card making Exynos 4412 u-boot boot disk in Ubuntu (Linux)

- Orionode source Linux Mint installation (Linux)

- ActiveMQ configuration Getting Started Tutorial (Server)

- How to use Xmanager Remote Desktop and VNC Log (Linux)

- The Linux C truncate function clears the file notes (Programming)

- CentOS7 + Redis Live Installation and Configuration (Linux)

- 3 tips Linux command (Linux)

- Why I do not like the Go language style interface (ie Structural Typing) (Programming)

- ORA-12545: Connection failed because the target host or object does not exist (Database)

- Linux iptables: Composition Rules (Linux)

- GNU / Linux enable Intel Rapid Start (Linux)

- To generate a certificate using OpenSSL under Linux (Server)

- Linux initialization init systems - Systemd (Linux)

 
         
  Camouflage Nginx Web server version to prevent invasion
     
  Add Date : 2018-11-21      
         
         
         
  In order to prevent hackers to scan web server information corresponding to the web server through the information to find the corresponding version of the loopholes, and thus the web server intrusion, nginx Although powerful, but also the software, the software may be vulnerable, for example nginx- 0.6.32 version, by default may lead to server errors any type of file to parse PHP manner, such as Trojan upload a jpg format to the forum site, through loopholes parsed into a phpshell, thereby obtaining permissions intrusion server, this will cause serious security problems, so that hackers can capture the nginx server support php. If the storm drain nginx version and the version and security vulnerabilities so your web server is certainly at stake.

Directed to nginx server, you can modify the source code in the header on nginx description below to nginx-1.2.0 version, for example.

[Root @ www nginx-1.2.0] # cd src / core /
[Root @ www core] # vim nginx.h ------- edit nginx.h file
/ *
* Copyright (C) Igor Sysoev
* Copyright (C) Nginx, Inc.
* /
#ifndef _NGINX_H_INCLUDED_
#define _NGINX_H_INCLUDED_
#define nginx_version 1002000
#define NGINX_VERSION "2.2.2" // default to 1.2.0
#define NGINX_VER "Apache /" NGINX_VERSION // default Nginx
#define NGINX_VAR "NGINX"
#define NGX_OLDPID_EXT ".oldbin"
#endif / * _NGINX_H_INCLUDED_ * /
Then compiled normally complete the installation.

Test results

Use nmap scan host

Get http request information using curl

Or visit a URL that does not exist can also see the effect

You can see whether or request for information on the website http packets with nmap scan host access requests using curl or even a nonexistent url displays web server using Apache2.2.2 version, thus hiding our real web server version That nginx-1.2.0 version, to protect the security of web servers.
     
         
         
         
  More:      
 
- Linux upgrade Glibc (Linux)
- Install Firefox 28 on Ubuntu, Linux Mint (Linux)
- How to add any of a Linux distribution beautiful fonts (Linux)
- Bash difference in single quotes and double quotes (Programming)
- C # C ++ Java interface type conversion (Programming)
- Linux character device - a simple character device model (Linux)
- How to add two-factor authentication for Linux systems SSH (Linux)
- Default permissions Linux file and directory permissions and hide - umask, chattr, lsattr, SUID, SGID, SBIT, file (Linux)
- Linux regex sed detailing (Linux)
- Oracle Database routine inspection (Database)
- Analysis of Java reflection mechanism (Programming)
- Github with .gitignore ignore specified file (Linux)
- Oracle 11g upgrade PSU detailed steps (Database)
- Linux_Logo - output color ANSI Linux distributions logo command-line tool (Linux)
- Installation and use GAMIT / GLOBK Software (Linux)
- Intel Graphics Installer installation on Ubuntu 15.10 (Linux)
- Export error: ORA-04063: package body dmsys dbms dm model exp has error (Database)
- Use web2py + uWSGI + Nginx Web server built on Linux (Server)
- PL / SQL how to make the program every few seconds to insert a data (Database)
- Ubuntu 14.04 build Hadoop 2.5.1 standalone and pseudo-distributed environment (32-bit) (Server)
     
           
     
  CopyRight 2002-2020 newfreesoft.com, All Rights Reserved.