#
# Global HTTP Server Security and Access Restriction Settings
#

# Don't allow access to directory listing if there is no index document.
# Default: Off
#autoindex off;

# Don't send the Nginx version number in error pages and server header
# Default: on
server_tokens off;

# Set our own server token
more_set_headers	'Server: CERN/3.0 libwww/2.17'
#more_set_headers	'Server: NCSA HTTPd 1.5.2a';
#more_set_headers	'Server: Netscape-Enterprise/3.5.1';
#more_set_headers	'Server: Apache/1.3.0 (Unix) PHP/3.0 ';
#more_set_headers	'Server: Microsoft-IIS/6.0';

# Controls whether header fields with invalid names should be ignored. Valid
# names are composed of English letters, digits, hyphens, and possibly
# underscores (as controlled by the underscores_in_headers directive).
# Default: on
#ignore_invalid_headers on;

# Enables or disables the use of underscores in client request header fields.
# When the use of underscores is disabled, request header fields whose names
# contain underscores are marked as invalid and become subject to the
# 'ignore_invalid_headers' directive.
# Default: off
#underscores_in_headers off;