This is a repo for sharing my nginx configs, as part of the following tutorial:
Security and obscurity
I'll probably be asked about why I'm putting my actual configs out there for people to see. While I do believe obscurity can help with security in some situations, I don't believe this to be one of them.
A few points:
Nginx security comes from having a good configuration, not from hiding your configuration. There may be one or two attackers who are slightly helped in attacking me by having my actual configs, but it's not enough to worry about.
I'm running PHP and Wordpress, and it's a public website, so getting completely curb stomped is neither unlikely nor overly troubling.
Finally, the benefits to others in seeing decent configs outweighs my selfish desire to add .014% security by hiding my configs.
So I'll keep them up here unless I see a good argument why I shouldn't.