---
id: 6eddb759-7991-4d73-8d1b-5ab56de33832
---

# NGINX Server Info Disclosure Incident
---

NGINX Server Info Disclosure Incident is a type of security issue where sensitive information about the server and its configuration is leaked or disclosed to unauthorized users or attackers. This could include information such as server version, modules, and other details that could be used to exploit vulnerabilities in the system. The disclosure of this information could compromise the security of the server and the data it handles, and could lead to potential security breaches. It is important to address this type of incident promptly to prevent any further damage and secure the server.

### Parameters
```shell
export SERVER_URL="PLACEHOLDER"
```

## Debug

### Verify the NGINX server version
```shell
nginx -v
```

### Check the NGINX configuration file
```shell
cat /etc/nginx/nginx.conf
```

### List enabled NGINX modules
```shell
nginx -V 2>&1 | grep modules
```

### Check the NGINX access log
```shell
tail -n 100 /var/log/nginx/access.log
```

### Check the NGINX error log
```shell
tail -n 100 /var/log/nginx/error.log
```

### Check NGINX server response headers
```shell
curl -I ${SERVER_URL}
```

## Repair

### Disable server signature: The server signature or header can be disabled in the NGINX configuration file to prevent the disclosure of sensitive server information.
```shell


#!/bin/bash



# Backup the original configuration file

sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak



# Remove server signature from the configuration file

sudo sed -i 's/server_tokens .*;/server_tokens off;/' /etc/nginx/nginx.conf



# Restart NGINX service to apply the changes

sudo systemctl restart nginx


```

NGINX Server Info Disclosure Incident is a type of security issue where sensitive information about the server and its configuration is leaked or disclosed to unauthorized users or attackers. This could include information such as server version, modules, and other details that could be used to exploit vulnerabilities in the system. The disclosure of this information could compromise the security of the server and the data it handles, and could lead to potential security breaches. It is important to address this type of incident promptly to prevent any further damage and secure the server.


```shell
export SERVER_URL="PLACEHOLDER"
```


### Verify the NGINX server version

```shell
nginx -v
```

### Check the NGINX configuration file

```shell
cat /etc/nginx/nginx.conf
```

### List enabled NGINX modules

```shell
nginx -V 2>&1 | grep modules
```

### Check the NGINX access log

```shell
tail -n 100 /var/log/nginx/access.log
```

### Check the NGINX error log

```shell
tail -n 100 /var/log/nginx/error.log
```

### Check NGINX server response headers

```shell
curl -I ${SERVER_URL}
```


### Disable server signature: The server signature or header can be disabled in the NGINX configuration file to prevent the disclosure of sensitive server information.

```shell


#!/bin/bash



# Backup the original configuration file

sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak



# Remove server signature from the configuration file

sudo sed -i 's/server_tokens .*;/server_tokens off;/' /etc/nginx/nginx.conf



# Restart NGINX service to apply the changes

sudo systemctl restart nginx


```


NGINX Server Info Disclosure Incident

Overview

Parameters

Debug

Verify the NGINX server version

Check the NGINX configuration file

List enabled NGINX modules

Check the NGINX access log

Check the NGINX error log

Check NGINX server response headers

Repair

Disable server signature: The server signature or header can be disabled in the NGINX configuration file to prevent the disclosure of sensitive server information.

Learn more

Related Runbooks

Support