Warning: Undefined variable $html in /usr/share/nginx/html/lib/plugins/tabinclude/helper.php on line 240

Warning: Cannot modify header information - headers already sent by (output started at /usr/share/nginx/html/lib/plugins/tabinclude/helper.php:240) in /usr/share/nginx/html/inc/Action/Export.php on line 106

Warning: Cannot modify header information - headers already sent by (output started at /usr/share/nginx/html/lib/plugins/tabinclude/helper.php:240) in /usr/share/nginx/html/inc/Action/Export.php on line 106
nginx_security

Nginx Security

It is very important to keep your server secure. Hiding versions of php and apache are part of the security measures.

  • Hiding PHP-FPM version
  • Hiding nginx version

Hiding php-fpm version

If you run a curl on your website similar to the curl below, does it return php versions?
This is NOT secure. We will now make a simple change to the php-fpm php.ini file to hide this

Example curl:

curl -LIsX GET lukeslinux.co.uk | grep php
To hide the php value, find the following value and turn it off:
expose_php = On
Restart php-fpm and you are done. Test again by rerunning the curl command.