Nginx and PCI Compliance

Andrew Zheng (zurassic)
Published Jan 17, 2021

Based on my experience with Nginx and PCI compliance scans, there are a few things you need to set up to make sure the server passes PCI compliance:

1. Disable TLSv1 (this does not apply if you're using the latest Nginx version, 1.19.3)

Follow my guide here if you need to do that: https://medium.com/zurassic/how-to-completely-disable-tls-v1-from-nginx-99f6e2862cb8

2. Disable server tokens

vi /etc/nginx/nginx.conf
# add the following line inside the http { } section, then reload Nginx
server_tokens off;

This hides the Nginx version number in the default 404 page and in the Server header you see in curl output. Note that the Server header will still reveal that you're running Nginx, just not which version.
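As an added example (not code from the post), a small Python pre-check you can run before the PCI scan: it lints an nginx.conf for the two settings above and flags a Server header that still carries a version string. The sample configs and the HTTP response below are constructed for illustration.

```python
"""Offline pre-check for the two Nginx settings covered in the post."""
import re

# Constructed sample configs (hypothetical, not from a real server).
WEAK_CONF = """
http {
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;   # TLSv1/1.1 still enabled, no server_tokens
    server { listen 443 ssl; }
}
"""

HARDENED_CONF = """
http {
    server_tokens off;
    ssl_protocols TLSv1.2 TLSv1.3;
    server { listen 443 ssl; }
}
"""

# Protocols a PCI scan will flag as legacy.
LEGACY_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}


def _directives(conf, name):
    """Return the argument list of every `name ...;` directive, comments stripped."""
    stripped = re.sub(r"#.*", "", conf)
    return [m.group(1).split() for m in re.finditer(rf"\b{name}\s+([^;]+);", stripped)]


def check_nginx_conf(conf):
    """Return a list of findings; an empty list means both settings look PCI-ready."""
    findings = []
    tokens = _directives(conf, "server_tokens")
    if not tokens or any(args[0] != "off" for args in tokens):
        findings.append("server_tokens is not set to off (version will be disclosed)")
    for args in _directives(conf, "ssl_protocols"):
        weak = sorted(LEGACY_PROTOCOLS & set(args))
        if weak:
            findings.append("ssl_protocols enables legacy protocols: " + ", ".join(weak))
    return findings


def server_header_leaks_version(raw_response):
    """True if the Server header of a raw HTTP response carries a product/version string."""
    for line in raw_response.split("\r\n"):
        if line.lower().startswith("server:"):
            return bool(re.search(r"/\d", line))
    return False
```

With server_tokens off the header becomes `Server: nginx`, which the second check accepts; point it at the output of `curl -sI https://your-host/` to confirm the live server.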


Full stack problem solver with a passion for simplicity. Personal site: http://zurassic.com