Vulnerability information for a piece of software is usually tied to specific versions, so the version number a server advertises is valuable to an attacker: it tells them which published bugs are worth trying.

By default, Apache httpd, Nginx, PHP and similar software expose their product and version (in the HTTP response headers).

Directory listings and other server-generated pages additionally show the host name, server version and operating system type in their footer.


1. Hiding the Apache version number

Without any hardening, a normal request returns the following headers to the client:

[root@ithomer conf]# curl --head 127.0.0.1
HTTP/1.1 200 OK
Date: Thu, 22 Jan 2015 15:39:00 GMT
Server: Apache/2.2.26 (CentOS)
X-Powered-By: PHP/5.5.9
Vary: Cookie,Accept-Encoding,User-Agent
X-Pingback: https://blog.mimvp.com/xmlrpc.php
Cache-Control: max-age=600
Expires: Thu, 22 Jan 2015 15:49:00 GMT
Content-Type: text/html; charset=UTF-8

These headers reveal the server product and version (Apache/2.2.26), the operating system (CentOS) and, through X-Powered-By, the PHP version (5.5.9).


Edit the Apache configuration file:

vim /etc/httpd/conf/httpd.conf

Find the ServerTokens directive and change

ServerTokens OS

to

ServerTokens ProductOnly

(Prod is an accepted short form.) Then restart Apache: /etc/init.d/httpd restart

The headers now come back as:

[root@ithomer conf]# curl --head 127.0.0.1
HTTP/1.1 200 OK
Date: Thu, 22 Jan 2015 15:40:53 GMT
Server: Apache
X-Powered-By: PHP/5.5.9
Vary: Cookie,Accept-Encoding,User-Agent
X-Pingback: https://blog.mimvp.com/xmlrpc.php
Cache-Control: max-age=600
Expires: Thu, 22 Jan 2015 15:50:53 GMT
Content-Type: text/html; charset=UTF-8

With ServerTokens Prod plus ServerSignature Off, and PHP's expose_php switched off as in section 3, the response becomes the following. Note that it is expose_php, not ServerSignature, that removes the X-Powered-By line; ServerSignature only affects the footer of server-generated pages:

[root@ithomer conf]# curl --head 127.0.0.1
HTTP/1.1 200 OK
Date: Thu, 22 Jan 2015 16:23:07 GMT
Server: Apache
Vary: Cookie,Accept-Encoding,User-Agent
X-Pingback: https://blog.mimvp.com/xmlrpc.php
Cache-Control: max-age=600
Expires: Thu, 22 Jan 2015 16:33:07 GMT
Content-Type: text/html; charset=UTF-8

Beyond hiding the version, the banner string itself can be replaced, which requires patching the Apache source and rebuilding.

1) In the Apache source tree, find and open ap_release.h:

vim /opt/httpd-2.4.57/include/ap_release.h

Change the version definitions to:

/* 
add custom version "Server-mimvp/v5" 
#define AP_SERVER_BASEVERSION   AP_SERVER_BASEPRODUCT "/" AP_SERVER_BASEREVISION
*/
#define AP_SERVER_BASEVERSION   "Server-mimvp/v5"
#define AP_SERVER_VERSION       AP_SERVER_BASEVERSION

For reference, the product name in the same file can be changed as well:

#define AP_SERVER_BASEPRODUCT "Apache"

can become

#define AP_SERVER_BASEPRODUCT "Microsoft-IIS/5.0"
or
#define AP_SERVER_BASEPRODUCT "Microsoft-IIS/6.0"

AP_SERVER_BASEPRODUCT is the whole of what ServerTokens Prod emits, so it is the define to change if you run that level. Pretending to be another product is cosmetic: error page layout, header order and module behaviour still fingerprint httpd, so treat this as removing a hint rather than as a disguise.

2) Then open os.h under os/unix:

vim /opt/httpd-2.4.57/os/unix/os.h

and change the PLATFORM definition to:

#ifndef PLATFORM
#define PLATFORM "OS-MiMVP"
#endif

For reference:

#define PLATFORM "Unix"
can become
#define PLATFORM "Win32"

PLATFORM is the string shown in parentheses under ServerTokens OS and Full. Then rebuild and reinstall Apache.

3) Finally, edit the configuration file (vim /etc/httpd/conf/httpd.conf) and add or set these two lines:

ServerTokens Prod               # Prod is the same as ProductOnly
ServerSignature Off

Which level to use depends on which strings you patched: ServerTokens Prod emits only AP_SERVER_BASEPRODUCT (still "Apache" unless that define was changed), while ServerTokens OS emits AP_SERVER_BASEVERSION followed by "(" PLATFORM ")", i.e. "Server-mimvp/v5 (OS-MiMVP)" with the edits above. That is why the worked configuration below uses OS.

What the two directives do:

1) ServerSignature decides whether server-generated pages (error pages, directory listings and other responses for paths that do not map to a file) end with a line naming the server, e.g. "Apache/2.4.57 (CentOS) Server at blog.mimvp.com Port 80". The banner in that line is the same ServerTokens-controlled string as the Server header. Its three values are On | Off | EMail:

  • On       :   footer "Apache/2.4.57 (CentOS) Server at <host> Port <port>"
  • Off       :   no footer                                    recommended
  • EMail  :   footer with a mailto: link to the ServerAdmin address, e.g. xxx@mimvp.com

2) ServerTokens takes the following values; each reveals more than the one before it:

  • Prod / ProductOnly  :  Server: Apache
  • Major             :  Server: Apache/2
  • Minor             :  Server: Apache/2.2
  • Minimal         :  Server: Apache/2.2.26
  • OS                 :  Server: Apache/2.2.26 (CentOS)           used below: on the patched build this level shows the custom product and platform strings; on a stock build choose Prod
  • Full                :  Server: Apache/2.2.26 (CentOS) DAV/2 PHP/5.5.9 SVN/1.6.11 mod_perl/2.0.4 Perl/v5.10.1   (the default)

Configuration in practice:

vim /usr/local/httpd/conf/httpd.conf

## Hide Apache Version
# ServerTokens value: Prod, ProductOnly, Major, Minor, Minimal, OS, Full
ServerTokens OS
ServerSignature Off

## Check the result
# curl -I https://blog.mimvp.com
HTTP/1.1 200 OK
Date: Fri, 21 Jun 2024 08:27:46 GMT
Server: Server-mimvp/v5 (OS-MiMVP)
Upgrade: h2
Connection: Upgrade
Link: <https://blog.mimvp.com/wp-json/>; rel="https://api.w.org/"
Cache-Control: max-age=600
Expires: Fri, 21 Jun 2024 08:37:46 GMT
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
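A scripted way to apply the two directives. The function below is an added example (not from the post, and not an Apache tool); it assumes the stock-build values ServerTokens Prod and ServerSignature Off, and it handles the three states a real httpd.conf is found in: the directive is active, it is present but commented out, or it is absent. It also removes any later duplicate, because httpd uses the last occurrence it reads, so a stray ServerTokens Full further down the file would silently undo the change. Run httpd -t (or apachectl -t) on the written file before reloading.

```python
import re

# Values this page settles on for a stock httpd build. Assumption: these two
# directives are the whole change; a build whose banner strings were patched
# in ap_release.h / os.h would use "OS" so the custom string is emitted.
HARDENED = {"ServerTokens": "Prod", "ServerSignature": "Off"}


def _directive_re(name):
    # Matches "Name Value" lines, active or commented out ("#ServerTokens Full"),
    # but not free-text comments that merely mention the directive.
    return re.compile(r"^\s*(#\s*)?" + re.escape(name) + r"\s+(\S+)\s*$",
                      re.IGNORECASE)


def active_value(conf, name):
    """Value httpd will use: the last uncommented occurrence, or None."""
    pat = _directive_re(name)
    value = None
    for line in conf.splitlines():
        m = pat.match(line)
        if m and not m.group(1):
            value = m.group(2)
    return value


def set_directive(conf, name, value):
    """Return conf with exactly one active `name value` line.

    The first occurrence (active or commented out) is rewritten in place so
    the file keeps its layout; every later occurrence is dropped, because
    httpd honours the last one; if the directive is absent it is appended.
    """
    pat = _directive_re(name)
    out, done = [], False
    for line in conf.splitlines():
        if pat.match(line):
            if not done:
                out.append("%s %s" % (name, value))
                done = True
            continue
        out.append(line)
    if not done:
        out.append("%s %s" % (name, value))
    return "\n".join(out) + "\n"


def harden(conf):
    """Apply every directive in HARDENED; idempotent on already-hardened input."""
    for name, value in HARDENED.items():
        conf = set_directive(conf, name, value)
    return conf


# Constructed sample modelled on this page's httpd.conf fragments (not a real file).
SAMPLE_CONF = """\
ServerRoot "/usr/local/httpd"
Listen 80
## Hide Apache Version
# ServerTokens value: Prod, ProductOnly, Major, Minor, Minimal, OS, Full
#ServerTokens Full
ServerTokens OS
ServerSignature On
ServerTokens Full
"""

if __name__ == "__main__":
    print("effective before:", active_value(SAMPLE_CONF, "ServerTokens"))
    print(harden(SAMPLE_CONF))
```

To use it on a live file, read /etc/httpd/conf/httpd.conf into a string, write harden() output back, then run httpd -t and reload. Note that ServerTokens is server-wide only, while ServerSignature can also be set per virtual host, directory or .htaccess, so a per-vhost ServerSignature On would still override the global Off.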

 

2. Hiding the Nginx version number

2.1 Edit the nginx configuration file

vim /usr/local/nginx/conf/nginx.conf

Open the nginx configuration file and add one line, server_tokens off;, inside the http {...} block.

server_tokens can be set in the http, server and location contexts.

Its default value is on, which shows the version; server_tokens off hides the nginx version everywhere it would otherwise appear (the Server header and the footer of the built-in error pages). The bare product name "nginx" is still sent; replacing it requires the source changes in 2.2. (nginx 1.11.10 and later also accept server_tokens build, which appends the build name to the version, i.e. it discloses more, not less.)

http {
    include             blockip.conf;
    include             mime.types;
    default_type        application/octet-stream;
    charset             utf-8;

    log_format   main   '$time_iso8601 $remote_addr - "$request_method $uri?$args" '
                        '$status $request_time $body_bytes_sent "$http_referer" '
                        '"$http_user_agent" "$http_x_forwarded_for"';

    server_tokens   off;            # hide the Nginx version number

    ....
}

 

2.2 Patch the source and rebuild

Five source files need changing to replace "nginx" and its version with a string of your own, e.g. "Server-mimvp/v5":

1) The internal server name and version (two changes):

vim src/core/nginx.h

#define nginx_version      1026001
/*
#define NGINX_VERSION      "1.26.1"
#define NGINX_VER          "nginx/" NGINX_VERSION
*/
#define NGINX_VERSION      "v5"                           /* version becomes "v5" */
#define NGINX_VER          "Server-mimvp/" NGINX_VERSION  /* product becomes "Server-mimvp" */

#ifdef NGX_BUILD
#define NGINX_VER_BUILD    NGINX_VER " (" NGX_BUILD ")"
#else
#define NGINX_VER_BUILD    NGINX_VER
#endif

2) The HTTP/1.x response header (one change; the first string is what is sent when server_tokens is off, the other two are used for on and build):

vim src/http/ngx_http_header_filter_module.c          

//static u_char ngx_http_server_string[] = "Server: nginx" CRLF;
static u_char ngx_http_server_string[] = "Server: Server-mimvp" CRLF;
static u_char ngx_http_server_full_string[] = "Server: " NGINX_VER CRLF;
static u_char ngx_http_server_build_string[] = "Server: " NGINX_VER_BUILD CRLF;

3) The footer of the built-in error pages (one change):

vim src/http/ngx_http_special_response.c

// "<hr><center>nginx</center>" CRLF
"<hr><center>Server-mimvp</center>" CRLF
"</body>" CRLF
"</html>" CRLF

4) The HTTP/2 and HTTP/3 header filters, which build the Server header on their own:

HTTP/2: vim src/http/v2/ngx_http_v2_filter_module.c

//   "http2 output header: \"server: nginx\"");
    "http2 output header: \"server: Server-mimvp\"");

This line is only the debug-log message. The bytes actually written into the HEADERS frame when server_tokens is off come from the static array nginx[] declared near the top of that file, an HPACK string literal that is already Huffman-coded ("\x84\xaa\x63\x55\xe7" decodes to "nginx"). That array has to be replaced with the Huffman encoding of the new name as well, or HTTP/2 responses keep saying nginx even though the HTTP/1.x header is changed.

HTTP/3: vim src/http/v3/ngx_http_v3_filter_module.c (here the name is a plain C string, used in two places: once to size the buffer and once to copy it)

        } else {
//            n = sizeof("nginx") - 1;
            n = sizeof("Server-mimvp") - 1;
        }

......

//            p = (u_char *) "nginx";
//            n = sizeof("nginx") - 1;
            p = (u_char *) "Server-mimvp";
            n = sizeof("Server-mimvp") - 1;
        }

        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
                       "http3 output header: \"server: %*s\"", n, p);

Finally, after editing the source files, rebuild and reinstall nginx.
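The HTTP/2 array from step 4 has to be re-encoded rather than edited as text. The script below is an added example, not part of the original post or of the nginx source; it implements the 5-, 6- and 7-bit portion of the HPACK static Huffman table (RFC 7541, Appendix B), which covers letters, digits and "-./ :", and prints the C declaration to paste over the stock one. The function names and the subset size are this example's own choices. Keep the declared array length equal to the byte count (no trailing NUL): the filter uses sizeof(nginx) both to size the frame and to copy the literal.

```python
# Subset of the HPACK static Huffman table (RFC 7541, Appendix B): the 5-,
# 6- and 7-bit codes. Characters outside this subset raise an error rather
# than being encoded wrongly.
_FIVE_BIT = "012aceiost"                           # codes 0x00 .. 0x09
_SIX_BIT = " %-./3456789=A_bdfghlmnpru"            # codes 0x14 .. 0x2d
_SEVEN_BIT = ":BCDEFGHIJKLMNOPQRSTUVWYjkqvwxyz"   # codes 0x5c .. 0x7b

HUFFMAN = {}
for _i, _ch in enumerate(_FIVE_BIT):
    HUFFMAN[_ch] = (0x00 + _i, 5)
for _i, _ch in enumerate(_SIX_BIT):
    HUFFMAN[_ch] = (0x14 + _i, 6)
for _i, _ch in enumerate(_SEVEN_BIT):
    HUFFMAN[_ch] = (0x5c + _i, 7)
_REVERSE = {v: k for k, v in HUFFMAN.items()}


def hpack_huffman_encode(text):
    """Huffman-encode text, padded with the leading bits of EOS (all ones)."""
    acc, nbits, out = 0, 0, bytearray()
    for ch in text:
        if ch not in HUFFMAN:
            raise ValueError("%r is outside the table subset in this script" % ch)
        code, length = HUFFMAN[ch]
        acc = (acc << length) | code
        nbits += length
        while nbits >= 8:
            nbits -= 8
            out.append((acc >> nbits) & 0xFF)
    if nbits:
        pad = 8 - nbits
        out.append(((acc << pad) | ((1 << pad) - 1)) & 0xFF)
    return bytes(out)


def hpack_huffman_decode(data):
    """Decode for verification; the all-ones padding never forms a code."""
    chars, code, length = [], 0, 0
    for byte in data:
        for shift in range(7, -1, -1):
            code = (code << 1) | ((byte >> shift) & 1)
            length += 1
            if (code, length) in _REVERSE:
                chars.append(_REVERSE[(code, length)])
                code, length = 0, 0
    return "".join(chars)


def nginx_h2_server_literal(name):
    """C declaration that replaces the stock `static const u_char nginx[5] = ...`."""
    encoded = hpack_huffman_encode(name)
    if len(encoded) > 126:
        raise ValueError("length needs a multi-byte HPACK prefix; keep the name short")
    # 0x80 = Huffman flag, low 7 bits = encoded length (single-byte prefix integer)
    literal = bytes([0x80 | len(encoded)]) + encoded
    escaped = "".join("\\x%02x" % b for b in literal)
    return 'static const u_char nginx[%d] = "%s";' % (len(literal), escaped)


if __name__ == "__main__":
    # The stock name reproduces the bytes found in the nginx source.
    print(nginx_h2_server_literal("nginx"))
    print(nginx_h2_server_literal("Server-mimvp"))
```

Verify after rebuilding with curl --http2 -sI against an HTTPS listener, since HTTP/1.x and HTTP/2 take different code paths and a change to one does not prove the other.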

 

2.3 Edit fastcgi.conf

vim /usr/local/nginx/conf/fastcgi.conf

Change

fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

to

fastcgi_param  SERVER_SOFTWARE    nginx;

$nginx_version expands to the NGINX_VERSION string, and SERVER_SOFTWARE is what PHP reports as $_SERVER['SERVER_SOFTWARE'] and on phpinfo() pages. The same line is in fastcgi_params; change it there too if your server blocks include that file instead.

Finally, restart nginx:

/etc/init.d/nginx restart

3. Hiding the PHP version number

This is controlled by expose_php in php.ini; the default is expose_php = On, which adds the X-Powered-By: PHP/x.y.z header to every PHP response.

3.1 With httpd (mod_php):

vim /etc/php.ini

change expose_php = On to expose_php = Off

Restart Apache: /etc/init.d/httpd restart

3.2 With nginx (php-fpm):

vim /usr/local/php/etc/php.ini

change expose_php = On to expose_php = Off

Restart php-fpm: /etc/init.d/php-fpm restart

 

4. Checking the headers

4.1 Apache

[root@ithomer conf]# curl --head https://blog.mimvp.com
HTTP/1.1 200 OK
Date: Thu, 22 Jan 2015 16:15:48 GMT
Server: Apache            # with the patched build from section 1 this line reads: Server: Server-mimvp/v5 (OS-MiMVP)
Vary: Cookie,Accept-Encoding,User-Agent
Upgrade: h2
Connection: Upgrade
X-Pingback: https://blog.mimvp.com/xmlrpc.php
Cache-Control: max-age=600
Expires: Thu, 22 Jan 2015 16:25:48 GMT
Content-Type: text/html; charset=UTF-8

The PHP version (X-Powered-By: PHP/5.5.9) is no longer present.

4.2 Nginx

[root@mimvp-sz .script]# curl --head https://proxy.mimvp.com/phpinfo
HTTP/1.1 200 OK
Server: nginx/1.26.1                      # with server_tokens off this reads: Server: nginx
Date: Thu, 11 Jul 2024 02:13:10 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/8.3.8                   # with expose_php = Off this line is absent
Vary: proxys-zjk1
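Rather than eyeballing curl output, the check in this section can be scripted for every server on this page. The following is an added example (not from the post, and not a tool of any of these projects): it parses a raw HTTP/1.x response, reports every header and page footer that names the server software, grades each as product-only or version disclosure, and infers the httpd ServerTokens level from the shape of the Server header. The sample responses are constructed from the curl output shown above, not captures, and the header list BANNER_HEADERS is this example's assumption. Feed it real data from curl -si (headers plus body), because the ServerSignature and nginx footers live in the body, which curl --head never shows.

```python
import re

# Headers that commonly carry a product/version banner (assumption: this list).
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "x-generator")

# A version is disclosed when a product token is followed by "/1.2.3" or,
# Jetty-style, "(8.1.11...)"; a bare name or a dotless tag such as
# "Server-mimvp/v5" counts as product disclosure only.
VERSION_RE = re.compile(r"[/(]v?\d+(?:\.\d+)+")

# Footers on server-generated pages: httpd with ServerSignature On, and the
# nginx built-in error page (which server_tokens off leaves in place).
FOOTER_RE = re.compile(
    r"<address>(?P<apache>.*?)</address>|<hr><center>(?P<nginx>.*?)</center>",
    re.IGNORECASE | re.DOTALL)


def parse_response(raw):
    """Split a raw HTTP/1.x response into (status line, [(name, value)], body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers, body


def server_tokens_level(value):
    """Name the httpd ServerTokens level whose output has the shape of `value`.

    Only the shape is examined, so a patched banner such as
    "Server-mimvp/v5 (OS-MiMVP)" still reports "OS": fake content does not
    change the level the server is configured for.
    """
    m = re.match(r"^(\S+?)(?:/([^\s(]+))?(?:\s*\(([^)]*)\))?(\s+\S.*)?$", value.strip())
    if not m:
        return "unknown"
    version, platform, modules = m.group(2), m.group(3), m.group(4)
    if modules:
        return "Full"
    if platform:
        return "OS"
    if version is None:
        return "Prod"
    return {1: "Major", 2: "Minor"}.get(len(version.split(".")), "Minimal")


def _disclosure(text):
    return "version" if VERSION_RE.search(text) else "product"


def audit_response(raw):
    """List every place a response names its server software and how much it gives away."""
    _, headers, body = parse_response(raw)
    findings = []
    for name, value in headers:
        if name in BANNER_HEADERS:
            finding = {"where": "header:" + name, "value": value, "disclosure": _disclosure(value)}
            if name == "server":
                finding["server_tokens_level"] = server_tokens_level(value)
            findings.append(finding)
    for m in FOOTER_RE.finditer(body):
        text = m.group("apache") if m.group("apache") is not None else m.group("nginx")
        findings.append({"where": "body:footer", "value": text.strip(), "disclosure": _disclosure(text)})
    return findings


def _response(status, headers, body=""):
    """Assemble a raw response from constructed parts (test input, not a capture)."""
    return "\r\n".join([status] + headers) + "\r\n\r\n" + body


# Constructed samples modelled on the curl output shown on this page.
APACHE_STOCK = _response("HTTP/1.1 200 OK", [
    "Server: Apache/2.2.26 (CentOS)", "X-Powered-By: PHP/5.5.9",
    "Content-Type: text/html; charset=UTF-8"])
APACHE_HARDENED = _response("HTTP/1.1 200 OK", [
    "Server: Apache", "Content-Type: text/html; charset=UTF-8"])
APACHE_404_SIGNATURE_ON = _response("HTTP/1.1 404 Not Found", [
    "Server: Apache/2.4.57 (CentOS)", "Content-Type: text/html; charset=iso-8859-1"],
    "<html><body><h1>Not Found</h1>\n<hr>\n"
    "<address>Apache/2.4.57 (CentOS) Server at blog.mimvp.com Port 80</address>\n"
    "</body></html>\n")
NGINX_404_TOKENS_OFF = _response("HTTP/1.1 404 Not Found", [
    "Server: nginx", "Content-Type: text/html"],
    "<html><head><title>404 Not Found</title></head><body>\n"
    "<center><h1>404 Not Found</h1></center>\n<hr><center>nginx</center>\n"
    "</body></html>\n")
JETTY_HIDDEN = _response("HTTP/1.1 404 Not Found", [
    "Cache-Control: must-revalidate,no-cache,no-store", "Content-Length: 1267"])

if __name__ == "__main__":
    for label, raw in [("apache stock", APACHE_STOCK), ("apache hardened", APACHE_HARDENED),
                       ("apache 404", APACHE_404_SIGNATURE_ON), ("nginx 404", NGINX_404_TOKENS_OFF),
                       ("jetty hidden", JETTY_HIDDEN)]:
        print(label, audit_response(raw))
```

Request an error page (a path that does not exist) as well as the front page: a build that looks clean on "/" can still print the full banner in a 404 footer.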

 

5. Changing the Tomcat server name in the headers

Edit the Tomcat configuration file:

vim /opt/apache-tomcat-7.0.54/conf/server.xml

and add the server attribute to the HTTP Connector (the last attribute below; Tomcat sends its value as the Server header):

    <Connector port="8280" protocol="HTTP/1.1"
               connectionTimeout="20000"
               redirectPort="8443"
               server="MIServer" />

Check the Tomcat headers:

[root@ithomer conf]# curl --head 127.0.0.1:8280
HTTP/1.1 200 OK
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Date: Thu, 22 Jan 2015 16:30:20 GMT
Server: MIServer

The Tomcat server name is now reported as Server: MIServer.

 

6. Hiding the Nexus (Jetty) server header

Nexus runs inside Jetty by default, and Jetty exposes its version in the headers:

[root@ithomer apache-tomcat-7.0.54]# curl --head 127.0.0.1:8081
HTTP/1.1 404 Not Found
Date: Fri, 23 Jan 2015 01:51:06 GMT
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 1267
Server: Jetty(8.1.11.v20130520)

Since Nexus runs inside Jetty, it is the Jetty configuration that has to change.

Edit jetty.xml:

vim /opt/nexus-2.11.0/nexus-2.11.0-02/conf/jetty.xml

and change sendServerVersion from true to false (do not send the server version):

  <Set name="stopAtShutdown">true</Set>
  <Set name="sendServerVersion">false</Set>
  <Set name="sendDateHeader">true</Set>
  <Set name="gracefulShutdown">1000</Set>

 

Restart Nexus:

/opt/nex_us-2.11.0/nexus-2.11.0-02/bin/nexus restart

Check the Nexus headers:

[root@ithomer apache-tomcat-7.0.54]# curl --head 127.0.0.1:8081
HTTP/1.1 404 Not Found
Date: Fri, 23 Jan 2015 02:13:53 GMT
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 1267

After the restart, the Server: Jetty(8.1.11.v20130520) header is gone altogether: Jetty omits the header rather than blanking it.

 

 
