diff --git a/Dockerfile b/Dockerfile
index 14ef773..f7611ce 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -9,14 +9,21 @@ ENV NODE_ENV=production
 RUN npm run build
 
 # Step 2: Serve stage
-FROM nginx:alpine
+FROM nginx:stable
+
+# Remove default nginx static assets
+RUN rm -rf /usr/share/nginx/html/*
 
 # Copy built files from the previous stage
 COPY --from=build /app/dist /usr/share/nginx/html
 
-# Add a custom Nginx configuration
+# Copy secure nginx configs
+COPY nginx.main.conf /etc/nginx/nginx.conf
 COPY nginx.conf /etc/nginx/conf.d/default.conf
 
+# Use non-root user for security
+USER nginx
+
 # Expose port 80
 EXPOSE 80
 
diff --git a/nginx.main.conf b/nginx.main.conf
new file mode 100644
index 0000000..883fb07
--- /dev/null
+++ b/nginx.main.conf
@@ -0,0 +1,27 @@
+worker_processes auto;
+pid /tmp/nginx.pid;
+error_log /tmp/error.log warn;
+
+events {
+ worker_connections 1024;
+}
+
+http {
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ access_log /tmp/access.log;
+
+ sendfile on;
+ keepalive_timeout 65;
+ server_tokens off;
+
+ # Redefine temp paths to writable tmpfs locations
+ client_body_temp_path /tmp/client_temp;
+ proxy_temp_path /tmp/proxy_temp;
+ fastcgi_temp_path /tmp/fastcgi_temp;
+ uwsgi_temp_path /tmp/uwsgi_temp;
+ scgi_temp_path /tmp/scgi_temp;
+
+ include /etc/nginx/conf.d/*.conf;
+}
\ No newline at end of file
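Review bot: In the Dockerfile hunk, `USER nginx` is added while `EXPOSE 80` is kept, and an unprivileged process can bind port 80 only where the runtime permits it, which is not guaranteed on every orchestrator. nginx.conf (installed as conf.d/default.conf) is not part of this diff, so if it still listens on 80 I would move it to an unprivileged port and change the last lines to `# Expose port 8080` and `EXPOSE 8080`. Separately, `FROM nginx:stable` is a floating tag, so a rebuild can silently pick up a different base image. Pinning it as `FROM nginx:<version>@sha256:<digest>` (placeholders) keeps the hardened image reproducible.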
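Review bot: In nginx.main.conf, `error_log /tmp/error.log warn;` and `access_log /tmp/access.log;` write the logs to files inside the container, where the container logging driver does not collect them, nothing rotates them, and they are lost with the container. For detection and incident response I would send them to the standard streams instead, `error_log /dev/stderr warn;` and `access_log /dev/stdout;`. This assumes the runtime lets the `nginx` user open those streams, which is worth confirming with the new `USER nginx`. The comment above the temp paths calls /tmp a tmpfs, but nothing in this commit mounts one, so I would reword it to `# Redefine temp paths to locations the nginx user can write` or document the required tmpfs mount.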