Completely hide Nginx and PHP versions

Completely hide Nginx and PHP versions
Nginx displays the version number by default. Some time ago, the Nginx Version Vulnerability was exposed on the Internet. If your website can view the Nginx version through curl-I http: // domain name or IP address, the information may be exploited by attackers. From the perspective of website security, hiding Nginx versions is relatively safer.
The specific method is:
1. Enter the Nginx configuration file directory, vim nginx. conf, and add server_tokens off in the http {-} region;
Http {
... Omitted
Sendfileon;
Keepalive_timeout60;
Server_tokens off;
... Omitted
}
2. Edit the configuration file of php-fpm, for example, fastcgi. conf, fastcgi_params, and fcgi. conf. The modification method is as follows:
Find: fastcgi_paramserver_softwarengversion/$ nginx_version;
Changed to: fastcgi_paramserver_softwareng.pdf;
3. reload the nginx configuration file:/usr/local/nginx/sbin/nginx-s reload
Or restart Nginx smoothly:
Find the nginx main process number: ps-ef | grep "nginx: master process" | grep-v "grep" | awk-F ''' {print $2 }'
Kill-HUP nginx master process number
To hide the PHP version, you must modify the PHP configuration file php. ini. The specific process is as follows:
Vim php. ini,
Find expose_php = On
Change to: expose_php = Off
Restart PHP-fpm: pkill PHP-fpm
/Usr/local/php/sbin/php-fpm
In this way, hiding the nginx and PHP versions increases the website security!