Apache/Nginx/PHP 服务器隐藏版本号和系统
一般情况下,软件的漏洞信息和特定版本是相关的,因此,软件的版本号对攻击者来说是很有价值的。
在默认情况下,Apache Httpd,Nginx,PHP 等系统会把版本模块都显示出来(http返回头信息)。
如果列举目录的话,会显示域名信息,服务器版本号,操作系统类型等。
1、Apache 隐藏版本号
不隐藏版本号,正常访问返回客户端头信息:
[root@ithomer conf]# curl --head 127.0.0.1
HTTP/1.1 200 OK
Date: Thu, 22 Jan 2015 15:39:00 GMT
Server: Apache/2.2.26 (CentOS)
X-Powered-By: PHP/5.5.9
Vary: Cookie,Accept-Encoding,User-Agent
X-Pingback: https://blog.mimvp.com/xmlrpc.php
Cache-Control: max-age=600
Expires: Thu, 22 Jan 2015 15:49:00 GMT
Content-Type: text/html; charset=UTF-8
上面头信息中,会显示服务器类型和版本(Apache/2.2.26),以及操作系统(CentOS)
修改Apache的配置文件:
vim /etc/httpd/conf/httpd.conf
修改 ServerTokens
修改 ServerTokens OS 为 ServerTokens productonly
重启 Apache : /etc/init.d/httpd restart
再次返回头信息如下:
[root@ithomer conf]# curl --head 127.0.0.1
HTTP/1.1 200 OK
Date: Thu, 22 Jan 2015 15:40:53 GMT
Server: Apache
X-Powered-By: PHP/5.5.9
Vary: Cookie,Accept-Encoding,User-Agent
X-Pingback: https://blog.mimvp.com/xmlrpc.php
Cache-Control: max-age=600
Expires: Thu, 22 Jan 2015 15:50:53 GMT
Content-Type: text/html; charset=UTF-8
同时修改 ServerTokens 为 Prod 和 ServerSignature 为off 返回结果
[root@ithomer conf]# curl --head 127.0.0.1
HTTP/1.1 200 OK
Date: Thu, 22 Jan 2015 16:23:07 GMT
Server: Apache
Vary: Cookie,Accept-Encoding,User-Agent
X-Pingback: https://blog.mimvp.com/xmlrpc.php
Cache-Control: max-age=600
Expires: Thu, 22 Jan 2015 16:33:07 GMT
Content-Type: text/html; charset=UTF-8
到这里,我们还可以改变apache的版本,这就要修改apache的源代码了
1、修改apache的源码包,找到并打开ap_release.h文件
vim /opt/httpd-2.4.57/include/ap_release.h
修改为:
/* add custom version "Server-mimvp/v5" #define AP_SERVER_BASEVERSION AP_SERVER_BASEPRODUCT "/" AP_SERVER_BASEREVISION */ #define AP_SERVER_BASEVERSION "Server-mimvp/v5" #define AP_SERVER_VERSION AP_SERVER_BASEVERSION
以下供参考:
#define AP_SERVER_BASEPRODUCT "Apache"
修改为
#define AP_SERVER_BASEPRODUCT "Microsoft-IIS/5.0”
或者
#define AP_SERVER_BASEPRODUCT "Microsoft-IIS/6.0”
2、然后找到os/unix下的os.h文件,将其
vim /opt/httpd-2.4.57/os/unix/os.h
修改为:
#ifndef PLATFORM #define PLATFORM "OS-MiMVP" #endif
以下供参考:
#define PLATFORM "Unix"
修改为
#define PLATFORM "Win32"
然后重新编译,安装apache
3、最后修改 vim /etc/httpd/conf/httpd.conf 配置文件,添加两行
ServerTokens Prod // Prod 同 ProductOnly
ServerSignature Off
示例:
ServerSignature当访问到服务器一些非正常路径时,是否在网页底部显示关于服务器的信息,例如:Apache/2.4.57 (CentOS),其取值:ON为显示,OFF为不显示,EMail为显示邮件地址
1)ServerSignature 三个选项,分别是 On | Off | EMail
- On : Server: Apache/2.4.57 (CentOS)
- Off : 推荐
- EMail : xxx@mimvp.com
2)ServerTokens 的取值如下,其分别隐藏信息依次增加
- Prod / ProductOnly : Server: Apache
- Major : Server: Apache/2
- Minor : Server: Apache/2.2
- Minimal : Server: Apache/2.2.26
- OS : Server: Apache/2.2.26 (CentOS) 推荐
- Full : Server: Apache/2.2.26 (CentOS) DAV/2 PHP/5.5.9 SVN/1.6.11 mod_perl/2.0.4 Perl/v5.10.1
配置实战:
vim /usr/local/httpd/conf/httpd.conf ## Hide Apache Version # ServerTokens value: Prod, ProductOnly, Major, Minor, Minimal, OS, Full ServerTokens OS ServerSignature Off ## 查询效果 # curl -I https://blog.mimvp.com HTTP/1.1 200 OK Date: Fri, 21 Jun 2024 08:27:46 GMT Server: Server-mimvp/v5 (OS-MiMVP) Upgrade: h2 Connection: Upgrade Link: <https://blog.mimvp.com/wp-json/>; rel="https://api.w.org/" Cache-Control: max-age=600 Expires: Fri, 21 Jun 2024 08:37:46 GMT Vary: User-Agent Content-Type: text/html; charset=UTF-8
2、Nginx 隐藏版本号
2.1 修改 nginx 配置文件
vim /usr/local/nginx/conf/nginx.conf
打开nginx 配置文件,增加在 http {...} 模块下增加一行 server_tokens off;
server_tokens作用域是http server location语句块
server_tokens默认值是on,表示显示版本信息,设置server_tokens值是off,就可以在所有地方隐藏nginx的版本信息。
http {
include blockip.conf;
include mime.types;
default_type application/octet-stream;
charset utf-8;
log_format main '$time_iso8601 $remote_addr - "$request_method $uri?$args" '
'$status $request_time $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
server_tokens off; # 隐藏Nginx版本号
....
}
2.2 修改源文件后编译
需修改五个文件,把nginx及其版本号修改成自己定义的,例如:"Server-mimvp/v5"
1)修改内部服务名和版本号(修改两处)
vim src/core/nginx.h
#define nginx_version 1026001
/**
#define NGINX_VERSION "1.26.1"
#define NGINX_VER "nginx/" NGINX_VERSION
*/
#define NGINX_VERSION "v5" # 修改版本号为 "v5"
#define NGINX_VER "Server-mimvp/" NGINX_VERSION # 修改服务名为 "Server-mimvp"
#ifdef NGX_BUILD
#define NGINX_VER_BUILD NGINX_VER " (" NGX_BUILD ")"
#else
#define NGINX_VER_BUILD NGINX_VER
#endif
2)修改返回头信息 Response Headers(修改一处)
vim src/http/ngx_http_header_filter_module.c
//static u_char ngx_http_server_string[] = "Server: nginx" CRLF; static u_char ngx_http_server_string[] = "Server: Server-mimvp" CRLF; static u_char ngx_http_server_full_string[] = "Server: " NGINX_VER CRLF; static u_char ngx_http_server_build_string[] = "Server: " NGINX_VER_BUILD CRLF;
3)修改错误页的底部Footer展示(修改一处)
vim src/http/ngx_http_special_response.c
// "<hr><center>nginx</center>" CRLF "<hr><center>Server-mimvp</center>" CRLF "</body>" CRLF "</html>" CRLF
4)修改返回头信息(修改一处)
修改HTTP2文件: vim src/http/v2/ngx_http_v2_filter_module.c
// "http2 output header: \"server: nginx\"");
"http2 output header: \"server: Server-mimvp\"");
修改HTTP3文件: vim src/http/v3/ngx_http_v3_filter_module.c
} else {
// n = sizeof("nginx") - 1;
n = sizeof("Server-mimvp") - 1;
}
......
// p = (u_char *) "nginx";
// n = sizeof("nginx") - 1;
p = (u_char *) "Server-mimvp";
n = sizeof("Server-mimvp") - 1;
}
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http3 output header: \"server: %*s\"", n, p);
最后,修改源文件后,需重新编译nginx
2.3 修改 fastcgi.conf
vim /usr/local/nginx/conf/fastcgi.conf
修改
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
为
fastcgi_param SERVER_SOFTWARE nginx;
最后,重启 nginx
/etc/init.d/nginx restart
3、PHP 隐藏版本号
配置文件php.ini进行配置,默认情况下 expose_php = On
3.1 httpd 修改步骤:
vim /etc/php.ini
expose_php = On 将其改为 expose_php = Off
重启 Apache:/etc/init.d/httpd restart
3.2 nginx 修改步骤
vim /usr/local/php/etc/php.ini
expose_php = On 将其改为 expose_php = Off
重启 php-fpm :/etc/init.d/php-fpm restart
4、获取头信息
4.1 Apache获取头信息
[root@ithomer conf]# curl --head https://blog.mimvp.com
HTTP/1.1 200 OK
Date: Thu, 22 Jan 2015 16:15:48 GMT
Server: Apache # 显示为 Server-mimvp/v5 (OS-MiMVP)
Vary: Cookie,Accept-Encoding,User-Agent
Upgrade: h2
Connection: Upgrade
X-Pingback: https://blog.mimvp.com/xmlrpc.php
Cache-Control: max-age=600
Expires: Thu, 22 Jan 2015 16:25:48 GMT
Content-Type: text/html; charset=UTF-8
发现上面php版本信息(X-Powered-By: PHP/5.5.9)已经隐藏了
4.2 Nginx获取头信息
[root@mimvp-sz .script]# curl --head https://proxy.mimvp.com/phpinfo HTTP/1.1 200 OK Server: nginx/1.26.1 # 隐藏版本后,显示为: nginx Date: Thu, 11 Jul 2024 02:13:10 GMT Content-Type: text/html; charset=UTF-8 Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/8.3.8 # 隐藏版本后,不显示这行 Vary: proxys-zjk1
5、修改Tomcat 服务器名称的头信息
修改Tomcat配置文件:
vim /opt/apache-tomcat-7.0.54/conf/server.xml
添加下面红色一行:
<Connector port="8280" protocol="HTTP/1.1"
connectionTimeout="20000"
redirectPort="8443"
server="MIServer" />
查看Tomcat头信息:
[root@ithomer conf]# curl --head 127.0.0.1:8280
HTTP/1.1 200 OK
Content-Type: text/html;charset=ISO-8859-1
Transfer-Encoding: chunked
Date: Thu, 22 Jan 2015 16:30:20 GMT
Server: MIServer
发现上面Tomcat服务器名称已经修改为了 Server: MIServer
6、隐藏 Nexus 服务器的头信息
Nexus 默认运行在Jetty下,并且在头信息中曝露了版本号,如下:
[root@ithomer apache-tomcat-7.0.54]# curl --head 127.0.0.1:8081
HTTP/1.1 404 Not Found
Date: Fri, 23 Jan 2015 01:51:06 GMT
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 1267
Server: Jetty(8.1.11.v20130520)
由于Nexus服务运行在Jetty框架内,因此需要修改Jetty服务配置文件
修改jetty.xml配置文件 :
vim /opt/nexus-2.11.0/nexus-2.11.0-02/conf/jetty.xml
修改 sendServerVersion 值由 true 为 false(不发送服务器版本信息),如下:
<Set name="stopAtShutdown">true</Set>
<Set name="sendServerVersion">false</Set>
<Set name="sendDateHeader">true</Set>
<Set name="gracefulShutdown">1000</Set>
重启Nexus服务:
/opt/nexus-2.11.0/nexus-2.11.0-02/bin/nexus restart
查看Nexus头信息:
[root@ithomer apache-tomcat-7.0.54]# curl --head 127.0.0.1:8081
HTTP/1.1 404 Not Found
Date: Fri, 23 Jan 2015 02:13:53 GMT
Cache-Control: must-revalidate,no-cache,no-store
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 1267
修改完重启Nexus后,发现服务器版本信息 Server: Jetty(8.1.11.v20130520),已被隐藏了
参考推荐:
LNMP(CentOS+Nginx+Mysql+PHP)服务器环境配置
版权所有: 本文系米扑博客原创、转载、摘录,或修订后发表,最后更新于 2024-07-11 17:22:48
侵权处理: 本个人博客,不盈利,若侵犯了您的作品权,请联系博主删除,莫恶意,索钱财,感谢!