Nginx hardened image based on alpine nginx image.
- Don't expose Nginx version
- Quad9 as default DNS resolver
- TLSv1.2 & TLSv1.3 only
- Disabled some weak ciphers
- Default self signed certificate is generated at start
- Some performance optimization
- Stream configuration
Multi-arch docker images are available on Docker Hub:
- The
latesttag is built from the main branch. - The
latesttag and the last release tag are refreshed nightly to get the latest security updates.
docker run --rm -it -p 8443:443 krewh/hardened-nginx