2.1.1 Ensure only required modules are installed

Information

This NGINX installation comes with several modules out of the box. These modules are not all always needed. Installations of NGINX should be hardened to ensure only the necessary modules are installed.

Rationale:

Minimizing features and functionality built into NGINX can help to reduce the number of vulnerabilities your server has, which reduces the likelihood of a successful compromise by attackers.

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Consult the NGINX module documentation to determine which modules are needed for your specific installation.
Modules may be removed using the configure command.

See Also

https://workbench.cisecurity.org/benchmarks/17381

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7, 800-53|CM-7(1), CSCv7|2.8

Plugin: Unix

Control ID: 6dbc029a22a89bd1296ecbe6932442185bad3166b03f8aeab0844eecb1e79227