| #!/usr/bin/python | |
| # coding: utf-8 | |
| # ------------------------------------------------------------------- | |
| # 宝塔Linux面板 | |
| # ------------------------------------------------------------------- | |
| # Copyright (c) 2015-2099 宝塔软件(http://bt.cn) All rights reserved. | |
| # ------------------------------------------------------------------- | |
| # Author: lkq <lkq@bt.cn> | |
| # ------------------------------------------------------------------- | |
| # Time: 2022-08-10 | |
| # ------------------------------------------------------------------- | |
| # Nginx 版本泄露 | |
| # ------------------------------------------------------------------- | |
| import re, public, os | |
| _title = 'Nginx 版本泄露' | |
| _version = 1.0 # 版本 | |
| _ps = "Nginx 版本泄露" # 描述 | |
| _level = 2 # 风险级别: 1.提示(低) 2.警告(中) 3.危险(高) | |
| _date = '2022-8-10' # 最后更新时间 | |
| _ignore = os.path.exists("data/warning/ignore/sw_nginx_server.pl") | |
| _tips = [ | |
| "在【/www/server/nginx/conf/nginx.conf】文件中设置server_tokens off;", | |
| "提示:server_tokens off;" | |
| ] | |
| _help = '' | |
| _remind = '此方案加强了服务器防护,降低网站被入侵的风险。' | |
| def check_run(): | |
| ''' | |
| @name 检测nginx版本泄露 | |
| @author lkq<2020-08-10> | |
| @return tuple (status<bool>,msg<string>) | |
| ''' | |
| if os.path.exists('/www/server/nginx/conf/nginx.conf'): | |
| try: | |
| info_data = public.ReadFile('/www/server/nginx/conf/nginx.conf') | |
| if info_data: | |
| if re.search('server_tokens off;', info_data): | |
| return True, '无风险' | |
| else: | |
| return False, '当前Nginx存在版本泄露请在Nginx配置文件中添加或者修改参数server_tokens 为off;,例:server_tokens off;' | |
| except: | |
| return True, '无风险' | |
| return True, '无风险' | |