macbre / docker-nginx-http3

Stable and up-to-date root-less nginx with quic + http/3, google brotli compression, njs, GeoIP2, and Grade A+ SSL config

https://hub.docker.com/r/macbre/nginx-http3

Do not expose server details

macbre opened this issue 3 years ago · comments

Maciej Brencz commented 3 years ago

Inspired by https://github.com/bunkerity/bunkerized-nginx

https://serverfault.com/a/1015876/448086

server_tokens "";

fails with: #26 1.388 nginx: [emerg] invalid value "" in /etc/nginx/nginx.conf:35

or

https://github.com/openresty/headers-more-nginx-module#more_clear_headers:

 more_clear_headers 'server';

Installation instructions // more headers

https://github.com/bunkerity/bunkerized-nginx/blob/master/helpers/install.sh#L491-L493

And https://www.upguard.com/blog/10-tips-for-securing-your-nginx-deployment

Disable TRACE and TRACK.
Configure Nginx to Include an X-Frame-Options Header.
Modify Nginx Web Server Configuration/SSL for X-XSS protection