Hardening node.js/nginx

For PCI requierements I need to hardening a node.js app or nginx server but I only found guides for IIS, Tomcat, operative systems, etc. here you will find the available guides. My questions are:

It's possible to hardening node.js?
It's possible to hardening a nginx server?
Is there any official documentation or trustworthy out there?

Solution

For example dev-sec provides nginx hardening roles for puppet, ansible etc...

To harden a nodejs server the same principles should apply as hardening tomcat. PCI-DSS lists a couple of things you need to do:

Disable all unnecessary services.
Leave only the necessary ports open. etc.

First make sure you develop your application according to best practises from a security point of view. For instance, SSL/TLS, CSRF, Error handling, use SNYK or similar, as described here.

Talk to your QSA about the requirements.

Reduce NPM Memory use
Testcafe falsely asserting false
What is Firebase Firestore 'Reference' data type good for?
Getting a 504/502 error on api requests in Nextjs deployed on Vercel
Docker nodemon doesn't hot reload even though the volumes has been set up
Issue with nested creation in Prisma
How to get parameter for delete request in express node js
How to install package from github repo in Yarn
NVM not recognized after installation
Deploying NodeJS application in IIS server
How to auto-reload files in Node.js?
NVM: Getting Permission denied with nvm install command
Visual Studio 2022 Unknown thread id '0'
opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ]
Read all text from stdin to a string
Could not find a declaration file for module 'bson'
vscode cds watch throws regular expression error
Is it possible to develop Google Chrome extensions using node.js?
Can't build Docker image with Postgresql
validate nested objects using class-validator in nest.js controller
ReplicaSetNoPrimary MongooseServerSelectionError: getaddrinfo EAI_AGAIN mongodb-primary
NextAuth: how to return custom errors without redirection
TypeORM: Custom Many To Many Relationship
fs.watch fired twice when I change the watched file
Is it possible to create or update postman test scripts or variables when running newman from node js?
How to compare using bcrypt in a db query using node.js and express
How can you read modified class properties from another classes callback in javascript?
Is it possible to stub an exported function in a CommonJS module using sinon?
node-red Firebase send notification
How to combine a Nginx and a NodeJS Docker container