| |
In order to prevent hackers to scan web server information corresponding to the web server through the information to find the corresponding version of the loopholes, and thus the web server intrusion, nginx Although powerful, but also the software, the software may be vulnerable, for example nginx- 0.6.32 version, by default may lead to server errors any type of file to parse PHP manner, such as Trojan upload a jpg format to the forum site, through loopholes parsed into a phpshell, thereby obtaining permissions intrusion server, this will cause serious security problems, so that hackers can capture the nginx server support php. If the storm drain nginx version and the version and security vulnerabilities so your web server is certainly at stake.
Directed to nginx server, you can modify the source code in the header on nginx description below to nginx-1.2.0 version, for example.
[Root @ www nginx-1.2.0] # cd src / core /
[Root @ www core] # vim nginx.h ------- edit nginx.h file
/ *
* Copyright (C) Igor Sysoev
* Copyright (C) Nginx, Inc.
* /
#ifndef _NGINX_H_INCLUDED_
#define _NGINX_H_INCLUDED_
#define nginx_version 1002000
#define NGINX_VERSION "2.2.2" // default to 1.2.0
#define NGINX_VER "Apache /" NGINX_VERSION // default Nginx
#define NGINX_VAR "NGINX"
#define NGX_OLDPID_EXT ".oldbin"
#endif / * _NGINX_H_INCLUDED_ * /
Then compiled normally complete the installation.
Test results
Use nmap scan host
Get http request information using curl
Or visit a URL that does not exist can also see the effect
You can see whether or request for information on the website http packets with nmap scan host access requests using curl or even a nonexistent url displays web server using Apache2.2.2 version, thus hiding our real web server version That nginx-1.2.0 version, to protect the security of web servers. |
|
|
|