scgi_ignore_headers
The `scgi_ignore_headers` directive allows you to specify which headers from the SCGI server should be ignored in the response to the client.
Description
The scgi_ignore_headers directive is used within the NGINX configuration to control how certain response headers provided by an SCGI server are processed. By default, NGINX passes all headers from the SCGI response to the client, which can sometimes lead to unintended header exposure or conflicts. This directive lets you specify a list of headers to be ignored, thus allowing a cleaner and more controlled communication between the NGINX server and client.
The directive accepts one or more header names as arguments. Each specified header will be omitted from the response sent back to the client when proxied through NGINX. This can be particularly useful in scenarios where specific headers are deemed unnecessary or could potentially leak sensitive information. The header names should be entered in a case-insensitive manner, and multiple headers can be specified by separating them with spaces.
Using the scgi_ignore_headers directive can improve the security and performance of your applications by ensuring that only relevant headers are visible to the client. However, care should be taken not to ignore headers that are critical for the client, such as Content-Type or custom headers that might be necessary for client-side processing.
Config Example
location /app {
scgi_pass 127.0.0.1:9000;
scgi_ignore_headers X-Powered-By X-Server;
}Ensure that you do not ignore headers that are necessary for the client to function correctly.
Headers are case-insensitive, but it is good practice to specify them as they are normally known.
Ignoring critical headers may lead to loss of important metadata in the responses.