Detections
Analytics

CIS NGINX Benchmark v1.0.0 L2 Proxy

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: CIS NGINX Benchmark v1.0.0 L2 Proxy

Updated: 5/2/2023

Authority: Operating Systems and Applications

Plugin: Unix

Revision: 1.11

Estimated Item Count: 14

Audit Items

DescriptionCategories
1.1.2 Ensure NGINX is installed from source
2.1.1 Ensure only required modules are installed
2.1.2 Ensure HTTP WebDAV module is not installed
2.1.3 Ensure modules with gzip functionality are disabled
3.5 Ensure error logs are sent to a remote syslog server
3.6 Ensure access logs are sent to a remote syslog server
4.1.9 Ensure HTTP Public Key Pinning is enabled
4.1.11 Ensure the upstream traffic server certificate is trusted
4.1.12 Ensure your domain is preloaded
4.1.13 Ensure session resumption is disabled to enable perfect forward security
5.1.1 Ensure allow and deny filters limit access to specific IP addresses
5.2.4 Ensure the number of connections per IP address is limited
5.2.5 Ensure rate limits by IP address are set
CIS_NGINX_Level_2_Proxy_v1.0.0.audit from CIS NGINX Benchmark v1.0.0