Disable server_tokens

How to disable Nginx version (server_tokens) in HTTP header response

By default, Nginx web server will include a HTTP header that outputs the Nginx version.

How to disable server_tokens

Prerequisites

  • Root access to the web server to update the nginx.conf file.

Instructions

  1. Log into your web server via SSH.

  2. Edit the nginx.conf file:

     vi /etc/nginx/nginx.conf
  3. Add the server_tokens parameter with the off value in the server { } block directive.

     server {
        listen 127.0.0.1:80;
        server_name mydomain.com;
        
        server_tokens off;
     }
  4. Save the file

  5. Reload the configuration file to test it:

     sudo nginx -t
  6. Restart Nginx:

     sudo systemctl restart nginx