How to change/modify Server response header in nginx


The “Server” response-header field contains information about the software used by the origin server to handle the request.  See the following curl output 

You can see the Header “Server: ATS”  inside the response.  This Header announces which Application/Server is used for serving the response.  This isn’t a major security risk, or even a medium security risk.  But sometimes, it requires to hide the “Server” header or modify it. In this article we will explain how to modify Server response header in nginx.

How to modify “Server” response header in nginx ?

There are multiple ways to achieve this.

1. Enable nginx “headers_more” module

This module allows you to add, set, or clear any output or input header that you specify.

This is an enhanced version of the standard headers module because it provides more utilities like resetting or clearing “builtin headers” like Content-Type, Content-Length, and Server.

Installation instructions are here

Once installed, we can set custom “Server” header by adding following in the nginx configuration file.

2. Modifying nginx source code.

In nginx source code “Server” header is hardcoded in the file “src/http/ngx_http_header_filter_module.c”. You can modify following lines and add your own headers

See the modified version below

Then recompile nginx with modified source code. 

Let us know incase you face any issue. Always happy to help ????

Leave a Reply

Your email address will not be published. Required fields are marked *