Go to Qiita Advent Calendar 2024 Top
LoginSignup
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

@mnrst

Azure AppService で Nginx と PHP のバージョンを非表示にしてみた

Posted at

Azure AppService で Nginx と PHP のバージョン非表示を試してみました。

検証用 AppService を用意

bash
region=japaneast
prefix=mnrwebtest

az group create \
  --name ${prefix}-rg \
  --location $region

az appservice plan create \
  --name ${prefix}-plan \
  --resource-group ${prefix}-rg \
  --is-linux \
  --sku B1

az webapp create \
  --name ${prefix}-app \
  --resource-group ${prefix}-rg \
  --plan ${prefix}-plan \
  --runtime "PHP|8.0"

AppService の SSH で phpinfo を作成

bash
echo "<?php phpinfo(); ?>" > site/wwwroot/phpinfo.php

デフォルトの状態確認

Nginx と PHP のバージョンが表示されます。

bash
$ curl -I https://${prefix}-app.azurewebsites.net/phpinfo.php
HTTP/2 200 
content-type: text/html; charset=utf-8
date: Sat, 30 Dec 2023 05:04:41 GMT
server: nginx/1.24.0
set-cookie: ARRAffinity=e63a905017535be41fdba6560ff1ca4471d38789f7bd81ecafc51bcd61386024;Path=/;HttpOnly;Secure;Domain=mnrwebtest-app.azurewebsites.net
set-cookie: ARRAffinitySameSite=e63a905017535be41fdba6560ff1ca4471d38789f7bd81ecafc51bcd61386024;Path=/;HttpOnly;SameSite=None;Secure;Domain=mnrwebtest-app.azurewebsites.net
x-powered-by: PHP/8.0.30

Nginx のバージョンを非表示

bash
cp /etc/nginx/sites-enabled/default /home/default

vi default

下記のように server_tokens off; を追記します。

appservice-nginx-version-01.png

bash
cp /home/default /etc/nginx/sites-enabled/default

nginx -t

nginx -s reload

Nginx のバージョン非表示を確認

bash
$ curl -I https://${prefix}-app.azurewebsites.net/phpinfo.php
HTTP/2 200 
content-type: text/html; charset=utf-8
date: Sat, 30 Dec 2023 05:05:43 GMT
server: nginx
set-cookie: ARRAffinity=e63a905017535be41fdba6560ff1ca4471d38789f7bd81ecafc51bcd61386024;Path=/;HttpOnly;Secure;Domain=mnrwebtest-app.azurewebsites.net
set-cookie: ARRAffinitySameSite=e63a905017535be41fdba6560ff1ca4471d38789f7bd81ecafc51bcd61386024;Path=/;HttpOnly;SameSite=None;Secure;Domain=mnrwebtest-app.azurewebsites.net
x-powered-by: PHP/8.0.30

AppService のスタートアップコマンドを設定

bash
az webapp config set \
  --name ${prefix}-app \
  --resource-group ${prefix}-rg \
  --startup-file "cp /home/default /etc/nginx/sites-enabled/default; nginx -s reload"

PHP のバージョンを非表示

bash
mkdir ini

echo "expose_php = Off" >> ini/setting.ini

az webapp config appsettings set \
  --name ${prefix}-app \
  --resource-group ${prefix}-rg \
  --settings PHP_INI_SCAN_DIR="/usr/local/etc/php/conf.d:/home/ini"

PHP のバージョン非表示を確認

bash
$ curl -I https://${prefix}-app.azurewebsites.net/phpinfo.php
HTTP/2 200 
content-type: text/html; charset=utf-8
date: Sat, 30 Dec 2023 05:11:49 GMT
server: nginx
set-cookie: ARRAffinity=e63a905017535be41fdba6560ff1ca4471d38789f7bd81ecafc51bcd61386024;Path=/;HttpOnly;Secure;Domain=mnrwebtest-app.azurewebsites.net
set-cookie: ARRAffinitySameSite=e63a905017535be41fdba6560ff1ca4471d38789f7bd81ecafc51bcd61386024;Path=/;HttpOnly;SameSite=None;Secure;Domain=mnrwebtest-app.azurewebsites.net

参考

0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?