1. Background

    You can create a rule to hide certain headers that you don’t want to be publicly accessible. To demonstrate, we will create a rule to hide headers the headers Etag and Link from file extensions that match the following regex string: ~ \.(ico|pdf|flv|jp?g|png|gif|js|css|webp|swf)(\.gz)?(\?.*)?$

  2. Rule

  3. Curl before headers were hidden

          ~$ curl -I http://foo.bar.netdna-cdn.com/file.png
          HTTP/1.1 200 OK
          Date: Mon, 26 Aug 2013 00:42:57 GMT
          Content-Type: image/png
          Content-Length: 128367
          Connection: keep-alive
          Last-Modified: Wed, 31 Jul 2013 20:09:33 GMT
          ETag: "12345-asdfasdfasdf"
          Accept-Ranges: bytes
          Cache-Control: max-age=31536000, public
          Expires: Tue, 26 Aug 2014 00:41:18 GMT
          Vary: User-Agent
          Pragma: public
          X-Powered-By: W3 Total Cache/0.9.3
          Link: ; rel="canonical"
          Server: NetDNA-cache/2.2
          X-Cache: HIT
          
  4. Curl with hidden headers Etag and Link

          ~$ curl -I http://foo.bar.netdna-cdn.com/file.png
          HTTP/1.1 200 OK
          Date: Mon, 26 Aug 2013 00:42:57 GMT
          Content-Type: image/png
          Content-Length: 128367
          Connection: keep-alive
          Last-Modified: Wed, 31 Jul 2013 20:09:33 GMT
          Accept-Ranges: bytes
          Cache-Control: max-age=31536000, public
          Expires: Tue, 26 Aug 2014 00:41:18 GMT
          Vary: User-Agent
          Pragma: public
          X-Powered-By: W3 Total Cache/0.9.3
          Server: NetDNA-cache/2.2
          X-Cache: HIT
          
  5. Resulting Nginx Configuration Block

          location ~ \.(ico|pdf|flv|jp?g|png|gif|js|css|webp|swf)(\.gz)?(\?.*)?$ {
                     proxy_hide_header 'Etag';
                     proxy_hide_header 'Link';
                     ...
          }