huw*_*uwr 3 ruby nginx amazon-web-services amazon-elastic-beanstalk
我正在平台Ruby 2.2(Passenger Standalone)上运行一个应用程序,并希望隐藏HTTP标头中的nginx版本.我没有使用Docker.其他Stack Overflow答案建议将此添加到我的.ebextensions:
00_nginx.conf:
files:
"/etc/nginx/conf.d/proxy.conf":
mode: "000644"
content: |
http {
server_tokens off;
passenger_show_version_in_header off;
}
但这没有任何作用.我应该把文件放在另一个地方吗?
使用Ruby 2.2 + Passenger Standalone 1.4.3的AWS Elastic Beanstalk不使用(原始)Nginx 1.6.2.它使用Passenger Standalone 1.4.3服务器,它是Nginx 1.6.2的修改版本.
因此,如果要修改Nginx配置,则必须编辑Passenger Standalone配置.Passenger Standalone配置位于$(passenger-config about resourcesdir)/templates/standalone/config.erb.
您可以使用以下内容.ebextensions:
00-passenger.config:
files:
"/home/ec2-user/hide_passenger_version.sh" :
mode: "000777"
owner: ec2-user
group: ec2-user
content: |
#!/bin/bash
CONFIG_FILE=$(/opt/rubies/ruby-2.2.2/bin/passenger-config about resourcesdir)/templates/standalone/config.erb
if ! grep -q "server_tokens off;" $CONFIG_FILE; then
sed -i '/http {/a\
server_tokens off;\
passenger_show_version_in_header off;' $CONFIG_FILE
fi
commands:
00-hide-passenger-version:
command: sh /home/ec2-user/hide_passenger_version.sh
cwd: /home/ec2-user
上面的配置将检查Passanger配置server_tokens off;.如果server_tokens off;未设置,我们添加server_tokens off;并passenger_show_version_in_header off;在下面(追加)http {.
之前:
$ curl -I http://itmustbeasecret.elasticbeanstalk.com/hello
HTTP/1.1 200 OK
Content-Length: 12
Content-Type: text/html;charset=utf-8
Date: Sat, 25 Jul 2015 14:21:27 GMT
Server: nginx/1.6.2 + Phusion Passenger 4.0.59
Status: 200 OK
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: Phusion Passenger 4.0.59
X-XSS-Protection: 1; mode=block
Connection: keep-alive
之后:
$ curl -I http://itmustbeasecret.elasticbeanstalk.com/hello
HTTP/1.1 200 OK
Content-Length: 12
Content-Type: text/html;charset=utf-8
Date: Sat, 25 Jul 2015 14:03:23 GMT
Server: nginx + Phusion Passenger
Status: 200 OK
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Powered-By: Phusion Passenger
X-XSS-Protection: 1; mode=block
Connection: keep-alive
注意:上述配置仅影响Passenger是否(重新)启动.因此,您需要终止当前实例.
| 归档时间: |
|
| 查看次数: |
1510 次 |
| 最近记录: |