Runbook

NGINX Server Info Disclosure Incident

Back to Runbooks

Overview

NGINX Server Info Disclosure Incident is a type of security issue where sensitive information about the server and its configuration is leaked or disclosed to unauthorized users or attackers. This could include information such as server version, modules, and other details that could be used to exploit vulnerabilities in the system. The disclosure of this information could compromise the security of the server and the data it handles, and could lead to potential security breaches. It is important to address this type of incident promptly to prevent any further damage and secure the server.

Parameters

Debug

Verify the NGINX server version

Check the NGINX configuration file

List enabled NGINX modules

Check the NGINX access log

Check the NGINX error log

Check NGINX server response headers

Repair

Disable server signature: The server signature or header can be disabled in the NGINX configuration file to prevent the disclosure of sensitive server information.

Learn more

Related Runbooks

Check out these related runbooks to help you debug and resolve similar issues.