nginx_security
This is an old revision of the document!
Warning: Undefined variable $state in /usr/share/nginx/html/lib/plugins/tabinclude/helper.php on line 130
Warning: Undefined variable $html in /usr/share/nginx/html/lib/plugins/tabinclude/helper.php on line 240
Warning: Undefined array key "page" in /usr/share/nginx/html/lib/plugins/tabinclude/helper.php on line 265
Warning: Undefined array key "page" in /usr/share/nginx/html/lib/plugins/tabinclude/helper.php on line 268
Nginx Security
It is very important to keep your server secure. Hiding versions of php and apache are part of the security measures.
- Hiding PHP-FPM version
- hiding_nginx_version - Page not found.
Hiding php-fpm version
If you run a curl on your website similar to the curl below, does it return php versions?
This is NOT secure. We will now make a simple change to the php-fpm php.ini file to hide this
Example curl:
curl -LIsX GET lukeslinux.co.uk | grep phpTo hide the php value, find the following value and turn it off:
expose_php = OnRestart php-fpm and you are done. Test again by rerunning the curl command.
nginx_security.1450801519.txt.gz · Last modified: 2024/05/23 07:26 (external edit)