3.3 Ensure error logging is enabled and set to the info logging level

Information

All errors for applications should be logged.

Rationale:

Error logging can be useful in identifying an attacker attempting to exploit a system and recreating an attacker's steps. Error logging also helps with identifying possible issues with an application.

Solution

Edit /etc/nginx/nginx.conf so the error_log directive is present and not commented out. The error_log should be configured to the logging location of your choice. The configuration should look similar to the below:

error_log /var/log/nginx/error_log.log info;

See Also

https://workbench.cisecurity.org/benchmarks/17381