Home PC Games Linux Windows Database Network Programming Server Mobile  
  Home \ Linux \ Camouflage Nginx Web server version to prevent invasion     - Linux operating system must know the security command (Linux)

- Docker knowledge base (Server)

- GAMIT 10.50 installed in Ubuntu 12.04 system (Linux)

- The top command under Linux (Linux)

- Kali Linux virtualbox rc = Error 1908 workaround (Linux)

- Linux Command Line Art (Linux)

- Build your own Web server under Ubuntu Linux system (Server)

- How to remove the files inside the privacy of data on Linux (Linux)

- TWiki LDAP error appears the problem is solved (Linux)

- Computer security protection remove local and remote system log files (Linux)

- How to generate Linux, random password encryption or decryption (Linux)

- Protobuf compiled and used on the Ubuntu 14.04 (Programming)

- Large site architecture study notes (Server)

- MySQL 5.7.10 source code for the latest version of the installation process in detail (Database)

- Linux some lessons learned about network security (Linux)

- It is time to upgrade your gulp 4.0 (Programming)

- General Linux interface server parameter tuning (Server)

- Linux common commands MEMO (Linux)

- Vim plugin installation YouCompleteMe (Linux)

- socket busy poll of Linux kernel 3.11 to avoid sleep switch (Linux)

  Camouflage Nginx Web server version to prevent invasion
  Add Date : 2018-11-21      
  In order to prevent hackers to scan web server information corresponding to the web server through the information to find the corresponding version of the loopholes, and thus the web server intrusion, nginx Although powerful, but also the software, the software may be vulnerable, for example nginx- 0.6.32 version, by default may lead to server errors any type of file to parse PHP manner, such as Trojan upload a jpg format to the forum site, through loopholes parsed into a phpshell, thereby obtaining permissions intrusion server, this will cause serious security problems, so that hackers can capture the nginx server support php. If the storm drain nginx version and the version and security vulnerabilities so your web server is certainly at stake.

Directed to nginx server, you can modify the source code in the header on nginx description below to nginx-1.2.0 version, for example.

[Root @ www nginx-1.2.0] # cd src / core /
[Root @ www core] # vim nginx.h ------- edit nginx.h file
/ *
* Copyright (C) Igor Sysoev
* Copyright (C) Nginx, Inc.
* /
#define nginx_version 1002000
#define NGINX_VERSION "2.2.2" // default to 1.2.0
#define NGINX_VER "Apache /" NGINX_VERSION // default Nginx
#define NGX_OLDPID_EXT ".oldbin"
#endif / * _NGINX_H_INCLUDED_ * /
Then compiled normally complete the installation.

Test results

Use nmap scan host

Get http request information using curl

Or visit a URL that does not exist can also see the effect

You can see whether or request for information on the website http packets with nmap scan host access requests using curl or even a nonexistent url displays web server using Apache2.2.2 version, thus hiding our real web server version That nginx-1.2.0 version, to protect the security of web servers.
- MySQL partition table Comments (Database)
- Django1.5 Custom User Model (Programming)
- Spark build standalone version cluster (Server)
- To build a private Docker registry (Server)
- Use innobackupex full realization of MySQL hot backup (Database)
- JavaScript function closures Quick Start (Programming)
- To compile and install MySQL 5.7.7 RC under CentOS 7.1 (Database)
- PostgreSQL-- run Supervisord on Docker in Ubuntu (Database)
- Red Hat Linux security settings document (Linux)
- How to protect your eyes automatically adjust the screen brightness on Linux (Linux)
- Configuring Eclipse Note Templates (Linux)
- Ubuntu: To install chat client Chatty 0.6.1 (Linux)
- Talk Packages (Linux)
- Linux Shell Scripting Interview Question (Linux)
- Linux character device - automatically creates the device nodes and devices (Linux)
- SME Linux network security policy server security (Linux)
- Servlet 3.0 interfaces of AsyncListener (Programming)
- Linux / Centos anti CC attack script (Linux)
- Proxmox VE implement KVM OpenVZ virtualization cloud computing (Server)
- Ubuntu installation module Python rq (Linux)
  CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.