diff --git a/controllers/nginx/pkg/config/config.go b/controllers/nginx/pkg/config/config.go
index 7e5eb5f269..b57fd96220 100644
--- a/controllers/nginx/pkg/config/config.go
+++ b/controllers/nginx/pkg/config/config.go
@@ -156,6 +156,11 @@ type Configuration struct {
 // http://nginx.org/en/docs/http/ngx_http_core_module.html#server_names_hash_bucket_size
 ServerNameHashBucketSize int `json:"server-name-hash-bucket-size,omitempty"`
 
+ // Enables or disables emitting nginx version in error messages and in the “Server” response header field.
+ // http://nginx.org/en/docs/http/ngx_http_core_module.html#server_tokens
+ // Default: true
+ ShowServerTokens bool `json:"server-tokens"`
+
 // Enabled ciphers list to enabled. The ciphers are specified in the format understood by
 // the OpenSSL library
 // http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_ciphers
@@ -234,6 +239,7 @@ func NewDefault() Configuration {
 ProxyRealIPCIDR: defIPCIDR,
 ServerNameHashMaxSize: 512,
 ServerNameHashBucketSize: 64,
+ ShowServerTokens: true,
 SSLBufferSize: sslBufferSize,
 SSLCiphers: sslCiphers,
 SSLProtocols: sslProtocols,
@@ -266,13 +272,13 @@ func NewDefault() Configuration {
 }
 
 type TemplateConfig struct {
- BacklogSize int
- Backends []*ingress.Backend
+ BacklogSize int
+ Backends []*ingress.Backend
 PassthroughBackends []*ingress.SSLPassthroughBackend
- Servers []*ingress.Server
- TCPBackends []*ingress.Location
- UDPBackends []*ingress.Location
- HealthzURI string
- CustomErrors bool
- Cfg Configuration
+ Servers []*ingress.Server
+ TCPBackends []*ingress.Location
+ UDPBackends []*ingress.Location
+ HealthzURI string
+ CustomErrors bool
+ Cfg Configuration
 }
diff --git a/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl b/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
index 6592465283..f18b6a365b 100644
--- a/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
+++ b/controllers/nginx/rootfs/etc/nginx/template/nginx.tmpl
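Review bot: The new `ShowServerTokens` field is documented as `Default: true`, and the `NewDefault()` hunk sets `ShowServerTokens: true`, so the controller keeps sending the exact nginx version in the `Server` header and on error pages unless an operator opts out. That matches nginx's own default and leaves behaviour unchanged, but the doc comment should say why someone would turn it off, for example `// Set to false to stop disclosing the nginx version to clients (limits version fingerprinting).` Because the Go zero value of the field is `false`, a `Configuration` that is not built from `NewDefault()` would presumably render `server_tokens off`, which contradicts the documented default; a one-line comment noting that the default is applied only in `NewDefault()` would avoid surprises. If a behaviour change is acceptable, consider `ShowServerTokens: false` as the shipped default. Both the struct and `NewDefault()` continue outside these hunks.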
@@ -68,6 +68,8 @@ http { gzip_proxied any; {{ end }} + server_tokens {{ if $cfg.ShowServerTokens }}on{{ else }}off{{ end }}; + client_max_body_size "{{ $cfg.BodySize }}"; log_format upstreaminfo '{{ if $cfg.UseProxyProtocol }}$proxy_protocol_addr{{ else }}$remote_addr{{ end }} - '