Nginx隐藏和伪造版本号
发布时间:2024-05-15 点击:79
系统运维
1、默认使用curl命令访问:
# curl -i http://172.17.0.5
2、修改nginx.conf配置文件,在http配置段中新增如下代码:
# vim /usr/local/nginx/conf/nginx.conf
server_tokens off;
3、修改fastcgi.conf配置文件,注释如下代码:
# vim /usr/local/nginx/conf/fastcgi.conf
fastcgi_param? server_software? nginx/$nginx_version;
4、重载nginx:
# nginx -s reload
5、使用curl命令访问:
# curl -i http://172.17.0.5
6、伪造nginx的名称和版本号:
# vim /usr/src/nginx-1.16.1/src/core/nginx.h,修改如下代码
#define nginx_version 1.16.1 –> #define nginx_version 2.3.2
#define nginx_ver nginx/ nginx_version –> #define nginx_ver tengine/ nginx_version
# cd /usr/src/nginx-1.16.1
# ./configure –prefix=/usr/local/nginx –user=nginx –group=nginx –with-threads –with-file-aio –with-http_ssl_module –with-http_v2_module –with-http_realip_module –with-http_addition_module –with-http_xslt_module –with-http_image_filter_module –with-http_geoip_module –with-http_sub_module –with-http_dav_module –with-http_flv_module –with-http_mp4_module –with-http_gunzip_module –with-http_gzip_static_module –with-http_auth_request_module –with-http_random_index_module –with-http_secure_link_module –with-http_degradation_module –with-http_slice_module –with-http_stub_status_module –with-http_perl_module –with-mail –with-mail_ssl_module –with-stream –with-stream_ssl_module –with-stream_realip_module –with-stream_geoip_module –with-stream_ssl_preread_module –with-compat –with-pcre
# make && make install
# cd /usr/local/nginx/conf
# vim nginx.conf,删除之前新增的代码:server_tonkens off;
# nginx -s stop
# nginx
7、使用curl命令访问:
# curl -i http://172.17.0.5
购买阿里云服务器系统选择
绑定域名需要加www吗?网站怎么绑定域名?
我们为什么需要高防云服务器
跟踪罗永浩的5场直播后,我发现了3个引流技巧和7条带货启示
济南ecs云服务器是否高防
小程序如何制作解决方案
哪些过期域名值得购买 购买过期域名需要注意哪些
昨天晚上在你们平台竟价结束
1、默认使用curl命令访问:
# curl -i http://172.17.0.5
2、修改nginx.conf配置文件,在http配置段中新增如下代码:
# vim /usr/local/nginx/conf/nginx.conf
server_tokens off;
3、修改fastcgi.conf配置文件,注释如下代码:
# vim /usr/local/nginx/conf/fastcgi.conf
fastcgi_param? server_software? nginx/$nginx_version;
4、重载nginx:
# nginx -s reload
5、使用curl命令访问:
# curl -i http://172.17.0.5
6、伪造nginx的名称和版本号:
# vim /usr/src/nginx-1.16.1/src/core/nginx.h,修改如下代码
#define nginx_version 1.16.1 –> #define nginx_version 2.3.2
#define nginx_ver nginx/ nginx_version –> #define nginx_ver tengine/ nginx_version
# cd /usr/src/nginx-1.16.1
# ./configure –prefix=/usr/local/nginx –user=nginx –group=nginx –with-threads –with-file-aio –with-http_ssl_module –with-http_v2_module –with-http_realip_module –with-http_addition_module –with-http_xslt_module –with-http_image_filter_module –with-http_geoip_module –with-http_sub_module –with-http_dav_module –with-http_flv_module –with-http_mp4_module –with-http_gunzip_module –with-http_gzip_static_module –with-http_auth_request_module –with-http_random_index_module –with-http_secure_link_module –with-http_degradation_module –with-http_slice_module –with-http_stub_status_module –with-http_perl_module –with-mail –with-mail_ssl_module –with-stream –with-stream_ssl_module –with-stream_realip_module –with-stream_geoip_module –with-stream_ssl_preread_module –with-compat –with-pcre
# make && make install
# cd /usr/local/nginx/conf
# vim nginx.conf,删除之前新增的代码:server_tonkens off;
# nginx -s stop
# nginx
7、使用curl命令访问:
# curl -i http://172.17.0.5
购买阿里云服务器系统选择
绑定域名需要加www吗?网站怎么绑定域名?
我们为什么需要高防云服务器
跟踪罗永浩的5场直播后,我发现了3个引流技巧和7条带货启示
济南ecs云服务器是否高防
小程序如何制作解决方案
哪些过期域名值得购买 购买过期域名需要注意哪些
昨天晚上在你们平台竟价结束