Step 1. Disable Any Unwanted nginx Modules When you install nginx, it automatically includes many modules. Currently, you cannot choose modules at runtime. To disable certain modules, you need to recompile nginx. We recommend that you disable any modules that are not required as this will minimize the risk of potential attacks by limiting allowed operations. To do this, use the configure option during installation. In the example below, we disable the autoindex module, which generates automatic directory listings, and then recompile nginx. # ./configure --without-http_autoindex_module # make # make install Step 2. Disable nginx server_tokens By default, the server_tokens directive in nginx displays the nginx version number. It is directly visible in all automatically generated error pages but also present in all HTTP responses in the Server header. This could lead to information disclosure – an unauthorized user could gain ...