diff --git a/conf/nginx.conf b/conf/nginx.conf index 0ca25269..6dd35045 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -7,6 +7,11 @@ server { server_name $HOSTNAME; root /tmp/invalid-path-nothing-here; + + # Improve privacy: Hide version an OS information on + # error pages and in the "Server" HTTP-Header. + server_tokens off; + # Redirect using the 'return' directive and the built-in # variable '$request_uri' to avoid any capturing, matching # or evaluation of regular expressions. @@ -20,6 +25,10 @@ server { server_name $HOSTNAME; + # Improve privacy: Hide version an OS information on + # error pages and in the "Server" HTTP-Header. + server_tokens off; + ssl_certificate $SSL_CERTIFICATE; ssl_certificate_key $SSL_KEY; include /etc/nginx/nginx-ssl.conf;