bunkerized-nginx v1.4.1 releases: nginx Docker image secure by default

bunkerized-nginx

nginx Docker image secure by default.

Avoid the hassle of following security best practices each time you need a web server or reverse proxy. Bunkerized-nginx provides generic security configs, settings, and tools so you don’t need to do it yourself.

A non-exhaustive list of features :

• HTTPS support with transparent Let’s Encrypt automation
• State-of-the-art web security: HTTP security headers, prevent leaks, TLS hardening, …
• Integrated ModSecurity WAF with the OWASP Core Rule Set
• Automatic ban of strange behaviors with fail2ban
• Antibot challenge through a cookie, javascript, captcha, or recaptcha v3
• Block TOR, proxies, bad user-agents, countries, …
• Block known bad IP with DNSBL and CrowdSec
• Prevent bruteforce attacks with rate limiting
• Detect bad files with ClamAV
• Easy to configure with environment variables

Fooling automated tools/scanners :

Changelog v1.4.1

• Fix sending local IPs to BunkerNet when DISABLE_DEFAULT_SERVER=yes
• Fix certbot bug when AUTOCONF_MODE=yes
• Fix certbot bug when MULTISITE=no
• Add reverse proxy timeouts settings
• Add auth_request settings
• Add authentik and authelia examples
• Prebuilt Docker images for arm64 and armv7
• Improve documentation for Linux integration
• Various fixes in the documentation

Install & Use

Copyright (C) 2022 bunkerity