Nginx 的漏洞扫描有很多整改项
资源下载地址:https://download.csdn.net/download/wangzhi291/89216805
资源里面需要conf/modules 需要上传 然后docker镜像文件 配置按下面的修改就行了
整改方法为增加 ngx_http_headers_more_filter_module模块
include /usr/share/nginx/modules/*.conf;
load_module modules/ngx_http_headers_more_filter_module.so;
#下面增加
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
server_tokens off;
more_clear_headers 'Server';
修复办法 增加配置 server 里面
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384';
ssl_prefer_server_ciphers on;