Version 1.33 -> settings/http/server_version to false not working

[tobias992]

Hi,

It's not possible to disable the server_version. The config is reloading fine but still i can see the version number. We use unit 1.33.

curl request:
curl -X PUT --data-binary 'false' --unix-socket /run/control.unit.sock http://localhost/config/settings/http/server_version { "success": "Reconfiguration done." }

My config file:
{ "settings": { "http": { "server_version": false } }, // Rest of my config }

[hongzhidao]

Hi,

The config is reloading fine but still i can see the version number.

Did you mean you can see the number in the response from the above curl request?
Note the option is used for http request processed in the router process but not control api.

[ac000]

Just double checked this is still working, it is.

Note that by design you will still get a 'Server' header showing 'Unit'

[tobias992]

Thank you for your help. But then I don't know what my mistake is. I use nginx in front to handle static files, firewall and caching stuff. All php requests I proxy to unit. WordPress is running fine. I just have 2 problems:

• i still can see the unit version in wordpress backend (https://ibb.co/YRz7XYy), in phpinfo (https://ibb.co/gSLBJsJ) and $_SERVER['SERVER_SOFTWARE'] is also Unit/1.33.0
• the $_SERVER['SERVER_ADDR'] variables shows the name from unit listen socket (for this may i will open another request if i cannot find a solution for this)

Attached my full config:
{ "settings": { "http": { "server_version": false } }, "listeners": { "unix:/run/php/php-site123-unit-test.sock": { "pass": "routes", "forwarded": { "client_ip": "X-Forwarded-For", "source": "unix" } } }, "routes": [ { "match": { "uri": [ "*.php", "*.php/*", "/wp-admin/" ] }, "action": { "pass": "applications/php_app/direct" } }, { "action": { "share": "/home/site123/html/docs$uri", "fallback": { "pass": "applications/php_app/index" } } } ], "applications": { "php_app": { "type": "php", "user": "user123", "group": "user123", "targets": { "direct": { "root": "/home/site123/html/docs/" }, "index": { "root": "/home/site123/html/docs/", "script": "index.php" } }, "processes": 2, "options": { "admin": { "max_input_vars": "3000", "max_execution_time": "180", "memory_limit": "512M", "max_input_time": "180", "upload_max_filesize": "256M", "post_max_size": "256M", "opcache.enable": "1", "opcache.memory_consumption": "256M", "opcache.max_accelerated_files": "100000", "opcache.revalidate_freq": "0", "opcache.validate_permission": "1", "opcache.restrict_api": "/home/site123/html/docs/", "disable_functions": "symlink,shell_exec,exec,system,passthru," } } } } }

[ac000]

Ah, I think this may be a different issue as certainly with phpinfo, I don't think it gets the version from the 'Server' header, which is all that that option currently effects.

[ac000]

Yeah, it's coming from (for php)

1432     php_register_variable_safe((char *) "SERVER_SOFTWARE",                 
1433                                (char *) nxt_server.start,                  
1434                                nxt_server.length, track_vars_array TSRMLS_CC);

in src/nxt_php_sapi.c

nxt_server is defined in src/nxt_application.c

  72 nxt_str_t  nxt_server = nxt_string(NXT_SERVER);                            

NXT_SERVER is defined in src/nxt_main.h as

 15 #define NXT_SERVER                   NXT_NAME "/" NXT_VERSION

[ac000]

This perhaps warrants an "per-application" setting that hides the version from applications themselves...

[callahad]

@tobias992 Just to help me better understand the context, may I ask why you want to hide the SERVER_SOFTWARE variable from your application processes?

[tobias992]

@callahad I don't care about local development. But when the site is online, I think it's always a good practice to hide the server software version. I think if nginx unit has the server_version setting, it should work automatically for all applications. This is what I personally expect from such a setting. Because at the moment this setting makes no sense to me because it doesn't work for the full setup.