diff --git a/src/freedombone-app-nextcloud b/src/freedombone-app-nextcloud
index 4fa51ee1..7e580fc4 100755
--- a/src/freedombone-app-nextcloud
+++ b/src/freedombone-app-nextcloud
@@ -483,6 +483,15 @@ function install_nextcloud_main {
 echo ' # Index' >> $nextcloud_nginx_site
 echo ' index index.php;' >> $nextcloud_nginx_site
 echo '' >> $nextcloud_nginx_site
+
+ # By default nextcloud advertises highly specific version information
+ # on status.php, which can obviously be used by adversaries.
+ # Blocking status.php prevents this information leak
+ echo ' location = /status.php {' >> $nextcloud_nginx_site
+ echo ' return 404;' >> $nextcloud_nginx_site
+ echo ' }' >> $nextcloud_nginx_site
+ echo '' >> $nextcloud_nginx_site
+
 echo ' # PHP' >> $nextcloud_nginx_site
 echo ' location ~ \.php {' >> $nextcloud_nginx_site
 echo ' include snippets/fastcgi-php.conf;' >> $nextcloud_nginx_site
@@ -539,6 +548,15 @@ function install_nextcloud_main {
 echo ' # Index' >> $nextcloud_nginx_site
 echo ' index index.php;' >> $nextcloud_nginx_site
 echo '' >> $nextcloud_nginx_site
+
+ # By default nextcloud advertises highly specific version information
+ # on status.php, which can obviously be used by adversaries.
+ # Blocking status.php prevents this information leak
+ echo ' location = /status.php {' >> $nextcloud_nginx_site
+ echo ' return 404;' >> $nextcloud_nginx_site
+ echo ' }' >> $nextcloud_nginx_site
+ echo '' >> $nextcloud_nginx_site
+
 echo ' # PHP' >> $nextcloud_nginx_site
 echo ' location ~ \.php {' >> $nextcloud_nginx_site
 echo ' include snippets/fastcgi-php.conf;' >> $nextcloud_nginx_site
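Review bot: The `location = /status.php` block added in both hunks matches only that exact URI, so a request carrying extra path info after the script name would fall through to the unanchored `location ~ \.php` block that follows and may still be served, depending on how `snippets/fastcgi-php.conf` splits path info (not visible here). Consider emitting a regex location ahead of the PHP block instead, e.g. `echo '    location ~ ^/status\.php(?:$|/) {' >> $nextcloud_nginx_site`, and checking after install that both the plain and the path-info form return 404. Separately, Nextcloud sync clients are known to probe status.php when connecting, so it is worth confirming that desktop and mobile clients still pair with the block in place, and saying so in the comment if they do not. install_nextcloud_main starts and ends outside both hunks.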