How To Disable ETag in NGINX

Everything Linux, A.I, IT News, DataOps, Open Source and more delivered right to you.
Subscribe
"The best Linux newsletter on the web"

Hello, friends. We continue with this little round of Nginx tutorials and tricks. This time, we will explain how to disable ETag in Nginx. As in previous posts, it will be a simple post, but that can help us a lot on a server.

What is Etag?

ETag (entity tag) is part of HTTP and is a method used by the protocol to validate the web cache and allows users to make conditional requests.

One thing to note is that the use of ETags in the HTTP header is optional. But the problem is that many site administrators consider it to be insecure and a security risk and choose to disable it.

The issue is that if ETags are misused, it is possible to track users through the browser cache. So today we are going to disable it.

Prerequisites

Before we continue, we have to make sure that we meet the requirements to complete the post without problems

  • You need to have Nginx installed and configured. So make sure you have it using the official repositories of your Linux distribution.
  • The version of Nginx must be higher than 1.9.5 You should have no issue to have it because most distributions include recent versions.
  • Have basic knowledge on the use of the terminal.
  • A user with sudo access or root access.

Let’s go for it.

How to globally disable ETag in Nginx

If you want to disable ETag globally affecting all the sites you have on the server, then you have to edit the Nginx configuration file which is /etc/nginx/nginx.conf.

sudo nano /etc/nginx/nginx.conf

And inside the http section add the etag off directive. It will look like this.

http {
   ...
   etag off;
   ...
}

Save the changes, close the editor and restart Nginx to apply the changes.

sudos sytemctl restart nginx

How to disable ETag in Nginx for one site

In case you have several sites and each one has its own dedicated configuration, then you have to edit each of the site configuration files where you want to disable ETag.

For example,

sudo nano /etc/nginx/sites-enabled/domain.conf

But unlike the previous method, we have to add etag off inside server. It will look like this.

server {
   listen 80;
   server_name domain;
   etag off;
}

In the same way, close the editor and restart Nginx.

Conclusion

ETag can be very useful, but it is also a bit risky. So many sysadmins consider it better to disable it. Today, you learned this using Nginx.

Everything Linux, A.I, IT News, DataOps, Open Source and more delivered right to you.
Subscribe
"The best Linux newsletter on the web"
Angelo
Angelo
I am Angelo. A systems engineer passionate about Linux and all open-source software. Although here I'm just another member of the family.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

Join us on Facebook