For change the HTTP header in nginx is require recompile it from source. It quite easy.

First, download the latest version of nginx (1.0.2 at the time of writing):

>wget http://nginx.org/download/nginx-1.0.2.tar.gz

>tar xvzf nginx-1.0.2.tar.gz

>cd nginx-1.0.2

Changing the server string

The http header is in a file called ngx_http_header_filter_module.c:

>vi src/http/ngx_http_header_filter_module.c

Edit the following line :

static char ngx_http_server_string[] = “Server: nginx” CRLF;

… and change the nginx in ‘Server: nginx’ to whatever you want:

static char ngx_http_server_string[] = “Server: VietHiP” CRLF;

Next, edit src/core/nginx.h:

>vi src/core/nginx.h

Edit the following line

#define NGINX_VER         “nginx/”  NGINX_VERSION

… and change the server string to whatever you want:

#define NGINX_VER         “VietHip/”   NGINX_VERSION

Changing the version number

You might also want to change the version number to confuse attackers, or just for fun Edit src/core/nginx.h:

>vi src/core/nginx.h

Edit the following line

#define NGINX_VERSION    ”1.0.2″

… and change the version to whatever you want:

#define NGINX_VERSION   “0.0.7″

You can stop nginx from displaying the version entirely if you want, by include the server_tokens directive in your nginx.conf:

server_tokens off;

Compiling

You can set the prefix as appropriate – I keep it in /opt/ on Ubuntu

>./configure –prefix=/opt/nginx-1.0.2 –with-http_ssl_module

>make

>sudo make install

After this, use .bashrc or similar to add /opt/nginx-1.0.2/sbin to your path, then you can start your new nginx install using:

>sudo ngingx

To stop it, use ‘-s’ to send the stop signal:

>sudo nginx -s stop

Results

If you check the response headers, you should see your custom server string:

Server: VietHip/0.0.7, VietHip

Date: Sun, 22 May 2011 00:30:22 GMT

…

Gook luck!