diff --git a/make/common/nginx/Dockerfile b/make/common/nginx/Dockerfile
index 64ab04d3a..23b218d89 100644
--- a/make/common/nginx/Dockerfile
+++ b/make/common/nginx/Dockerfile
@@ -1,9 +1,11 @@
-FROM library/photon:1.0
+FROM vmware/photon:1.0
 
-RUN tdnf install -y nginx \
+RUN tdnf distro-sync -y \
+    && tdnf install -y nginx \
     && ln -sf /dev/stdout /var/log/nginx/access.log \
     && ln -sf /dev/stderr /var/log/nginx/error.log \
-    && mkdir -p /var/run
+    && mkdir -p /var/run \
+    && tdnf clean all
 
 EXPOSE 80
 STOPSIGNAL SIGQUIT
diff --git a/make/common/templates/nginx/nginx.http.conf b/make/common/templates/nginx/nginx.http.conf
index 2c15e7342..820544ca3 100644
--- a/make/common/templates/nginx/nginx.http.conf
+++ b/make/common/templates/nginx/nginx.http.conf
@@ -30,7 +30,7 @@ http {
 
   server {
     listen 80;
-
+    server_tokens off;
     # disable any limits to avoid HTTP 413 for large image uploads
     client_max_body_size 0;
 
diff --git a/make/common/templates/nginx/nginx.https.conf b/make/common/templates/nginx/nginx.https.conf
index 3dc5bf224..703e41c9d 100644
--- a/make/common/templates/nginx/nginx.https.conf
+++ b/make/common/templates/nginx/nginx.https.conf
@@ -33,7 +33,7 @@ http {
   server {
     listen 443 ssl;
 #    server_name harbordomain.com;
-
+    server_tokens off;
     # SSL
     ssl_certificate $ssl_cert;
     ssl_certificate_key $ssl_cert_key;
diff --git a/make/common/templates/nginx/notary.server.conf b/make/common/templates/nginx/notary.server.conf
index 566ca9f6f..a409bcd6f 100644
--- a/make/common/templates/nginx/notary.server.conf
+++ b/make/common/templates/nginx/notary.server.conf
@@ -1,6 +1,6 @@
   server {
     listen 4443 ssl;
-
+    server_tokens off;
     # ssl
     ssl_certificate $ssl_cert;
     ssl_certificate_key $ssl_cert_key;