Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Camouflage Nginx Web server version to prevent invasion     - Linux Getting Started tutorial: Experience KVM Virtual Machine chapter (Linux)

- C # using the HttpClient Note: Preheat the long connection (Programming)

- Modify Linux SSH default port 22 in several ways (Linux)

- Java reflection mechanism explained in detail and Method.invoke explanation (Programming)

- Install Krita 2.8 on Ubuntu 13.10 / 12.04 / 12.10 (Linux)

- Let OpenCV face detection score output codes (Programming)

- Enable Intel Rapid Start in GNU / Linux (Linux)

- Findbugs installation documentation (Linux)

- Kibana use installation (Linux)

- RAID configuration and management under linux (Server)

- MongoDB3.0.6 wiredtiger MMAPv1 (Database)

- 12 Linux Process Management Commands (Linux)

- Installation and configuration of phpMyAdmin under CentOS (Database)

- Workaround CentOS error message during compilation PHP5 common (Linux)

- Windows7 system using Vagrant to build Linux virtualized development environment (Linux)

- Redis 3.0.3 Cluster Setup (Database)

- Linux systems use logwatch log file monitoring (Linux)

- Ubuntu Server security risk checks (Linux)

- CentOS7 Minimal minimize installation and then install the GNOME graphical interface (Linux)

- GNU / Linux enable Intel Rapid Start (Linux)

 
         
  Camouflage Nginx Web server version to prevent invasion
     
  Add Date : 2018-11-21      
         
         
         
  In order to prevent hackers to scan web server information corresponding to the web server through the information to find the corresponding version of the loopholes, and thus the web server intrusion, nginx Although powerful, but also the software, the software may be vulnerable, for example nginx- 0.6.32 version, by default may lead to server errors any type of file to parse PHP manner, such as Trojan upload a jpg format to the forum site, through loopholes parsed into a phpshell, thereby obtaining permissions intrusion server, this will cause serious security problems, so that hackers can capture the nginx server support php. If the storm drain nginx version and the version and security vulnerabilities so your web server is certainly at stake.

Directed to nginx server, you can modify the source code in the header on nginx description below to nginx-1.2.0 version, for example.

[Root @ www nginx-1.2.0] # cd src / core /
[Root @ www core] # vim nginx.h ------- edit nginx.h file
/ *
* Copyright (C) Igor Sysoev
* Copyright (C) Nginx, Inc.
* /
#ifndef _NGINX_H_INCLUDED_
#define _NGINX_H_INCLUDED_
#define nginx_version 1002000
#define NGINX_VERSION "2.2.2" // default to 1.2.0
#define NGINX_VER "Apache /" NGINX_VERSION // default Nginx
#define NGINX_VAR "NGINX"
#define NGX_OLDPID_EXT ".oldbin"
#endif / * _NGINX_H_INCLUDED_ * /
Then compiled normally complete the installation.

Test results

Use nmap scan host

Get http request information using curl

Or visit a URL that does not exist can also see the effect

You can see whether or request for information on the website http packets with nmap scan host access requests using curl or even a nonexistent url displays web server using Apache2.2.2 version, thus hiding our real web server version That nginx-1.2.0 version, to protect the security of web servers.
     
         
         
         
  More:      
 
- Nginx Beginner Guide (Server)
- Oracle 11g How dataguard master repository to Oracle single instance data recovery (Database)
- Use IF NOT EXISTS create a data table (Database)
- CentOS7 installation GAMIT and GMT (Linux)
- Analysis of C ++ exception mechanism (Programming)
- Quick Install software RAID on Linux (Linux)
- Android code performance optimization tips (Programming)
- To use Java arrays implement the order form (Programming)
- RHEL6.4 x86_64 build SVN service (Server)
- Mount NFS network file system (Linux)
- ORA-30926 and MERGE tables empty the temporary occupation problem (Database)
- C ++: Postmodern systems programming language (Programming)
- Encounter ORA-00600: internal error code, arguments: [4194] ORA-1552 (Database)
- Iptables small summary (Linux)
- Use CutyCapt to convert HTML pages to png images on Linux (Linux)
- Unix / Linux commonly used to clean up disk space command (Linux)
- Dell R710 server disk recovery database one case (record) (Server)
- Snapshot DataGuard (Database)
- Construction LVM-based raw device Oracle10g Database on Oracle Linux 5.11 (Database)
- Node.js installed on Ubuntu Upstream version (Linux)
     
           
     
  CopyRight 2002-2020 newfreesoft.com, All Rights Reserved.