During security testing, the target web server was found to expose
its exact Nginx version (1.25.x) via HTTP response headers.
The 'Server' header reveals the full backend software version,
indicating that the 'server_tokens' directive has not been set to 'off'.
This represents a security misconfiguration and allows accurate
technology fingerprinting by remote attackers.
Additionally, the server responds with HTTP 403 Forbidden errors
while still disclosing the Nginx version. This behavior increases
the attack surface by providing attackers with valuable reconnaissance
information even when access is restricted.
Furthermore, the affected IP address was observed hosting multiple
virtual hosts, making it susceptible to virtual host enumeration
techniques. Combined with version disclosure, this enables attackers
to identify additional hidden applications and services hosted on
the same infrastructure.
Impact:
- Precise server fingerprinting
- Identification of version-specific vulnerabilities
- Expanded attack surface
- Facilitation of targeted attacks against virtual hosts
This issue can be mitigated by disabling server version disclosure
using 'server_tokens off' and applying strict security hardening
to HTTP error responses.
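As an added illustration (not part of the original finding), the weak and hardened forms of the relevant Nginx configuration side by side; the hostname, error page path and document root are assumptions:

```nginx
# --- Weak (the observed behaviour) ---
# server_tokens defaults to "on", so every response, including the 403
# Forbidden pages, carries "Server: nginx/1.25.x" and the default error
# page body repeats the version.
http {
    server_tokens on;               # same as leaving the directive out

    server {
        listen 80;
        server_name example.test;   # assumed hostname
        location /private/ {
            deny all;               # yields the 403 that still leaks the version
        }
    }
}

# --- Hardened (the recommended fix) ---
# Suppress the version in both the Server header and the built-in error
# pages, and serve a neutral static page for 403 so the body carries no
# server signature either.
http {
    server_tokens off;              # header becomes "Server: nginx", no version anywhere

    server {
        listen 80;
        server_name example.test;   # assumed hostname
        error_page 403 /errors/403.html;   # assumed path to a neutral static page
        location = /errors/403.html {
            root /var/www/static;   # assumed document root
            internal;               # reachable only via error_page, not by direct request
        }
        location /private/ {
            deny all;
        }
    }
}
```

After reloading, a request to a denied path should return a 403 whose 'Server' header reads 'nginx' with no version and whose body is the custom page. Note that 'server_tokens off' still emits 'Server: nginx'; dropping the header entirely needs a third-party module such as ngx_headers_more or a source-level change, which is beyond the stock configuration.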