Closed elruwen closed 7 years ago
+1
This also overlaps with #324, just in case someone is looking into it.
I suspect others have already found work arounds for this but the simplest I have found is to add the following statements to the /etc/kong/kong.yml
file to modify the nginx configuration.
# Add additional response headers
header_filter_by_lua_block {
kong.header_filter()
ngx.header["Server"] = nil
ngx.header["Via"] = nil
ngx.header["X-Kong-Proxy-Latency"] = nil
ngx.header["X-Kong-Upstream-Latency"] = nil
}
Where would this go in the kong.conf for 0.9.1?
Try modifying /usr/local/share/lua/5.1/kong/templates/kong/templates/nginx_kong.lua and restart Kong.
Hmm we run Kong on EC2 instances and simply install the kong rpm. Of course we can write some script, package it and let it do this modification. But it would be nice if there is a cleaner way.
The response transfer plugin can only remove the X-Powered-By
header but all others seem to be added later.
@elruwen You can have a look at https://github.com/Mashape/kong/issues/1842#issuecomment-262719479 perhaps this is a better way to solve it.
I tried adding above mentioned configuration nginx_kong.conf file and restarted the kong server in the meanwhile the file got overwritten with the default configuration and my changes disappeared. Please help me starting kong server with custom nginx_kong.conf.
We are doing currently the following:
There is the file /usr/local/share/lua/5.1/kong/templates/nginx.lua (the exact path might be different on your system).
We added to the http section the following lines:
more_clear_headers 'Server';
server_tokens off;
I found a solution for Kong 1.4.X (using database deployment, meaning there's no kong.yaml)
Execute elruwen's solution by editing the following file:
sudo vim /usr/local/share/lua/5.1/kong/templates/nginx.lua
You will find something like this:
http {
> if #proxy_listeners > 0 or #admin_listeners > 0 then
include 'nginx-kong.conf';
> end
}
Modify it by adding elruwnen's line, like this (if you add the line server_tokens off; kong won't start):
http {
> if #proxy_listeners > 0 or #admin_listeners > 0 then
include 'nginx-kong.conf';
> end
more_clear_headers 'Server';
}
Go and edit your kong.conf file:
sudo vim /etc/kong/kong.conf
Search for the headers section and edit it:
From this:
headers = server_tokens, latency_tokens
to this:
headers = off
restart kong
How to remove the headers server:0.13.1 version
How to remove the headers Server: kong/2.0.0 and use our own certificat in nginx
@Tryptich @Kishorelk See the documentation for the headers
entry at: https://docs.konghq.com/2.1.x/configuration/#headers
It shouldn't be necessary to edit the nginx template, editing kong.conf
should be sufficient. Note that in that case, by disabling Kong's Server
header, it will still proxy the Server
value provided by the upstream service.
Hi!
If I currently do a kong request, the response contains the following headers: 'server': 'Apache-Coyote/1.1', 'via': 'kong/0.6.1', 'x-kong-proxy-latency': '0', 'x-kong-upstream-latency': '79'}
Server is the value from the upstream server, the rest is set by kong. While this is nice for debugging, I would prefer to hide those values from the public.
I would be nice to have a configuration flag to turn the exposure off.
Cheers Ruwen