nginx.conf:
server_tokens off;
Why could this get ignored, the header is still sent:
Server: nginx
No, other included config files do not contain server_tokens
configuration.
Yes, I did restart all services.
To cite the docs on the server_tokens
directive:
Enables or disables emitting nginx version in error messages and in the “Server” response header field.
According to the docs, it thus doesn't prevent the generation of the Server
header but only prevents the addition of the exact version. If you want to completely remove the servers header, you could use the ngx_headers_more module.