How do I hide server version for more security in NGINX?

For security reasons you might want to hide your server version (For example "nginx/1.10.3 (Ubuntu)) in the header response and in error pages.

To achieve this just change this code in the /etc/nginx/nginx.conf file:

# server_tokens off;

To this:

server_tokens off

You can also run this 1-line command to easily do it at once:

sed -i "s/# server_tokens.*/server_tokens off;/" /etc/nginx/nginx.conf && service nginx reload

After this make sure you restart NGINX and reload your webpage to see if the server version is present in the site's headers.

01 March 2019