How to disable Nginx test page in CentminMod

SystemMen - How to disable Nginx test page in CentminMod? By default, when you install CentminMod, it will create a Nginx test page.

When you access the server’s IP address on the browser, it will display the HTML test page of CentminMod.

Is this good? Let’s take a look.

how-to-disable-nginx-test-page-in-centminmod How to disable Nginx test page in CentminMod
Disable Nginx test page in CentminMod.

Why must disable Nginx test page in CentminMod?

With the experience of operating Linux server systems, I have worked with many different Linux systems.

To secure Linux servers, system administrators like me must hide information about the system. Make it hard to identify.

Hackers who want to attack a system will try to gather as much information about the target as possible.

And if you leave this page to Nginx test page, hackers can easily realize that you are using CentOS server and are using CentminMod to manage it. Hackers can rely on the vulnerabilities of CentminMod to exploit your server.

Therefore, we must disable it from the internet environment.

How to disable Nginx test page in CentminMod

First, you need to know where this page is configured in the server.

The Nginx test page is located in:


The vhost configuration file of test page in:


After knowing where it is, we will now start the job.

Note: First, you need to create your website on CentminMod server first, use Let’s Encrypt as much as possible.

Next, we delete the virtual.conf configuration file.

rm -f /usr/local/nginx/conf/conf.d/virtual.conf

And then, create a file:

nano /usr/local/nginx/conf/conf.d/virtual.conf

With the following content:

server {
    listen 80 default_server;
    listen 443 ssl default_server;

    server_name _;
    ssl_certificate		/usr/local/nginx/conf/ssl/;
    ssl_certificate_key		/usr/local/nginx/conf/ssl/;

    return 444;

    access_log		/var/log/nginx/localhost.access.log     combined buffer=256k flush=5m;
    error_log		/var/log/nginx/localhost.error.log	error;

    location /nginx_status {
        stub_status on;
        access_log   off;
        #allow youripaddress;
        deny all;

Look at the line return 444. Why is that?

I have encountered a case where a hacker took advantage of the vulnerability of server_name in web server Nginx to list the websites in that server.

Therefore, with the above configuration, if server_name is not configured in the CentminMod server. When accessing, you will get 444 code instead of randomly accessing the websites in the server.

And finally, you reload the Nginx configuration.

service nginx reload


Personally, I think you need to disable Nginx test page in CentminMod. This helps your server becomes safer against hackers. Try to hide your system as much as possible.

«« »»