3

I am trying to remove the server header (server: nginx/1.20.0) from the Elastic Beanstalk response. I have added 00_server.conf to .platform/nginx/conf.d/ in the source bundle with the following configuration:

server {
    server_tokens off;
}

I am expecting this would extend the Elastic Beanstalk default nginx configuration as mentioned here and at least remove the version from the server header. But this is not working.

I need help with the following things:

  1. How do I extend the default configuration so that I can remove the server version?
  2. How do I remove the complete header?

I have looked at similar questions on Stack Overflow but they don't seem to help.

Update: Issue 1 is resolved. server_tokens needs to be inside the http context. Updating the above configuration to

server_tokens off;

fixed the problem.

Ankit Gupta

1 Answer

0

To remove the Server header completely you have many options, of which the most prominent would be using the ngx_security_headers module:

hide_server_tokens on;

Danila Vershinin
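A way to check both parts of the question before and after a deploy, as an added example that is not part of the original posts: it reports which nginx context a directive in a conf.d snippet ends up in, and classifies the Server header of a response. It assumes conf.d files are included from the http block, as the question's update indicates; the function names and sample strings are constructed for illustration. In the wrapped snippet the directive applies only to the new server block that the file declares.

```python
import re

# Constructed samples: the two snippets from the question, as they would sit in
# .platform/nginx/conf.d/00_server.conf (assumed to be included from http {}).
WRAPPED = "server {\n    server_tokens off;\n}\n"
BARE = "server_tokens off;\n"


def directive_contexts(conf_text, directive, include_context="http"):
    """Return the block path (outermost first) for each use of `directive`.

    Simplified tokenizer: comments are dropped, quoted strings that contain
    braces or semicolons are not handled.
    """
    text = re.sub(r"#[^\n]*", "", conf_text)
    stack, found, words = [include_context], [], []
    for tok in re.findall(r"[{};]|[^\s{};]+", text):
        if tok == "{":
            stack.append(words[0] if words else "?")  # block name opens a context
            words = []
        elif tok == "}":
            if len(stack) > 1:                         # tolerate a stray brace
                stack.pop()
            words = []
        elif tok == ";":
            if words and words[0] == directive:
                found.append(tuple(stack))
            words = []
        else:
            words.append(tok)
    return found


def classify_server_header(raw_head):
    """Classify the Server header in a raw HTTP response head."""
    for line in raw_head.splitlines()[1:]:             # skip the status line
        name, _, value = line.partition(":")
        if name.strip().lower() == "server":
            # A "/<digit>" suffix means the product version is exposed.
            return "version-disclosed" if re.search(r"/\d", value) else "product-only"
    return "absent"


if __name__ == "__main__":
    print(directive_contexts(WRAPPED, "server_tokens"))
    print(directive_contexts(BARE, "server_tokens"))
    print(classify_server_header("HTTP/1.1 200 OK\r\nServer: nginx/1.20.0\r\n\r\n"))
```
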