Home PC Games Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Camouflage Nginx Web server version to prevent invasion     - Zabbix monitors Nginx status (Server)

- Weld a problem in JDK 8u60 environment (Programming)

- How do you access Dropbox Linux command line (Linux)

- Ubuntu install VMware Workstation 11 tutorials at 14.04 / 14.10 (Linux)

- Novice Advanced Ubuntu7.10 configured IP address (Linux)

- MySQL innodb_table_stats table does not exist solution (Database)

- Intrusion analysis and prevention tools Knark under Linux platform (Linux)

- Linux operating tips: Can not open file for writing or operation not permitted solution (Linux)

- Build your own Git server under Linux (Server)

- CentOS permanently banned from running in the background PackageKit (Linux)

- CentOS 7.0 Automatic installation CD-ROM production Comments (Linux)

- Zabbix installation and configuration process (Server)

- Understanding Java classes (Programming)

- Nginx version of helloworld (Server)

- Installation and configuration to compile MySQL 5.6.10 under CentOS 5.9 (Database)

- Oracle 11g em start newspaper site's security certificate has a solution to the problem (Database)

- Nonstandard IMP-00010 error processing one case (Database)

- ElasticSearch - Basic Concepts (Server)

- Security Features Linux and Unix operating system, programming (Linux)

- installation of Vim plugin YouCompleteMe under Ubuntu 15.04 (Linux)

 
         
  Camouflage Nginx Web server version to prevent invasion
     
  Add Date : 2018-11-21      
         
         
         
  In order to prevent hackers to scan web server information corresponding to the web server through the information to find the corresponding version of the loopholes, and thus the web server intrusion, nginx Although powerful, but also the software, the software may be vulnerable, for example nginx- 0.6.32 version, by default may lead to server errors any type of file to parse PHP manner, such as Trojan upload a jpg format to the forum site, through loopholes parsed into a phpshell, thereby obtaining permissions intrusion server, this will cause serious security problems, so that hackers can capture the nginx server support php. If the storm drain nginx version and the version and security vulnerabilities so your web server is certainly at stake.

Directed to nginx server, you can modify the source code in the header on nginx description below to nginx-1.2.0 version, for example.

[Root @ www nginx-1.2.0] # cd src / core /
[Root @ www core] # vim nginx.h ------- edit nginx.h file
/ *
* Copyright (C) Igor Sysoev
* Copyright (C) Nginx, Inc.
* /
#ifndef _NGINX_H_INCLUDED_
#define _NGINX_H_INCLUDED_
#define nginx_version 1002000
#define NGINX_VERSION "2.2.2" // default to 1.2.0
#define NGINX_VER "Apache /" NGINX_VERSION // default Nginx
#define NGINX_VAR "NGINX"
#define NGX_OLDPID_EXT ".oldbin"
#endif / * _NGINX_H_INCLUDED_ * /
Then compiled normally complete the installation.

Test results

Use nmap scan host

Get http request information using curl

Or visit a URL that does not exist can also see the effect

You can see whether or request for information on the website http packets with nmap scan host access requests using curl or even a nonexistent url displays web server using Apache2.2.2 version, thus hiding our real web server version That nginx-1.2.0 version, to protect the security of web servers.
     
         
         
         
  More:      
 
- MySQL primary and secondary replicate data inconsistencies (Database)
- Not safe procedure under Linux (Linux)
- Android judgment toward camera pictures (Programming)
- Two strokes to improve development productivity Struts2 (Programming)
- CentOS7 minimized installation can not find the 'ifconfig' command - Repair Tips (Linux)
- Ubuntu 14.04, 13.10 install OpenCV 2.4.9 (Linux)
- GRUB2 boot Ubuntu Manual (Linux)
- Installation Atom text editor on Mint Ubuntu / Linux (Linux)
- Java, boolean operators & =, | = ^ = use (Programming)
- Linux Open coredump (Linux)
- C ++ based socket communication TCP and UDP (Programming)
- Build Golang development environment configuration on Ubuntu 14.04 (Linux)
- Vim Common Command Summary (Linux)
- Linux system Iptables Firewall User Manual (Linux)
- RPM package fabrication method (Linux)
- Use Linux firewall camouflage defense hacked (Linux)
- Linux System Getting Started Learning: install software packages on Ubuntu and Fedora (Linux)
- Java Generics Introduction --HashMap summary (Programming)
- Laravel 4 Expansion Pack (Server)
- The simple multi-threaded Python (Programming)
     
           
     
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.