diff --git a/dockerfiles/nginx-prod.conf b/dockerfiles/nginx-prod.conf index e5b041464ac..018b4ec6c6b 100644 --- a/dockerfiles/nginx-prod.conf +++ b/dockerfiles/nginx-prod.conf @@ -1,10 +1,12 @@ -# user nginx; +# user nginx; worker_processes 2; worker_rlimit_nofile 2048; pid /var/run/nginx.pid; daemon off; load_module /usr/lib/nginx/modules/ngx_http_headers_more_filter_module.so; +# Main context error log +error_log /dev/stdout info; events { worker_connections 1024; @@ -60,10 +62,16 @@ http { # Add CloudFront source address ranges to trusted CIDR range for real ip computation include /etc/nginx/cloudfront-ips.conf; - # logging + # HTTP context logging access_log /dev/stdout; error_log /dev/stdout info; + client_body_temp_path /var/lib/nginx/tmp/client_body; + proxy_temp_path /var/lib/nginx/tmp/proxy_temp; + fastcgi_temp_path /var/lib/nginx/tmp/fastcgi_temp; + uwsgi_temp_path /var/lib/nginx/tmp/uwsgi_temp; + scgi_temp_path /var/lib/nginx/tmp/scgi_temp; + # Specify a key=value format useful for machine parsing log_format kv escape=json '{' @@ -128,8 +136,9 @@ http { ssl_protocols TLSv1.2; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; - ssl_stapling on; - ssl_stapling_verify on; + # Disable SSL stapling for self-signed certificates to avoid warnings + # ssl_stapling on; + # ssl_stapling_verify on; resolver_timeout 5s; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; @@ -232,4 +241,4 @@ http { proxy_pass https://0.0.0.0:3000; } } -} +} \ No newline at end of file diff --git a/dockerfiles/nginx.Dockerfile b/dockerfiles/nginx.Dockerfile index ad189fa8db1..8622577f059 100644 --- a/dockerfiles/nginx.Dockerfile +++ b/dockerfiles/nginx.Dockerfile 
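Review bot: The `error_log /dev/stdout info;` added in the main context of nginx-prod.conf (first hunk) is identical to the directive the second hunk keeps under `# HTTP context logging`, so the http-level copy no longer changes anything. Either drop the http-level line or make the new comment say why both exist, e.g. `# Main context: also covers errors raised outside http {}`. The `# user nginx;` line in the same hunk changes only whitespace and stays commented out, so the account the workers run under is not visible from this file.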
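Review bot: The five `*_temp_path` directives added after the http-context logging lines (second hunk) carry no comment explaining why the defaults are overridden, and they only work if those directories already exist and are writable by the nginx process at start-up. The directories are created in the nginx.Dockerfile hunk of this commit, so the two lists have to be kept in sync by hand; a comment such as `# Temp dirs are pre-created and chowned in nginx.Dockerfile; keep both lists in sync` would make that dependency explicit. `client_body_temp_path` is where buffered request bodies land, so the mode set on that directory in the Dockerfile is security-relevant.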
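Review bot: Commenting out `ssl_stapling on;` and `ssl_stapling_verify on;` (third hunk) disables OCSP stapling for everything covered by this block of the production config, not only for the self-signed certificate the new comment mentions. Both directives default to off, so the commented-out lines are dead text; I would delete them and record the condition instead, e.g. `# OCSP stapling intentionally off: certificate is self-signed; re-enable if a CA-issued certificate is served here`. The enclosing block starts and ends outside the hunk, so whether `resolver_timeout 5s;` still has a consumer after this change cannot be confirmed from the visible lines.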
@@ -8,6 +8,15 @@ COPY ./dockerfiles/nginx-prod.conf /etc/nginx/nginx.conf COPY ./dockerfiles/status-map.conf /etc/nginx/ RUN /update-ips.sh +RUN mkdir -p /var/lib/nginx/tmp/client_body \ + /var/lib/nginx/tmp/proxy_temp \ + /var/lib/nginx/tmp/fastcgi_temp \ + /var/lib/nginx/tmp/uwsgi_temp \ + /var/lib/nginx/tmp/scgi_temp \ + /var/lib/nginx/logs && \ + chown -R 100:1000 /var/lib/nginx && \ + chmod -R 755 /var/lib/nginx + # Generate and place SSL certificates for nginx (used only by ALB) RUN mkdir /keys RUN openssl req -x509 -sha256 -nodes -newkey rsa:2048 -days 1825 \
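Review bot: `chmod -R 755 /var/lib/nginx` leaves the new temp directories readable and listable by every user in the image, and `client_body` is where nginx spools request bodies to disk; nginx creates its own temp directories owner-only. Tighten the mode on the tmp tree, e.g. `chmod -R 700 /var/lib/nginx/tmp`, and keep 755 only on paths something else must read. The owner `100:1000` is a bare numeric pair with no visible `USER` line or `user` directive to tie it to, so a comment naming the account it maps to in the base image would guard against a silent mismatch. `/var/lib/nginx/logs` is created although the config in this commit sends both logs to `/dev/stdout`; a comment should say why it is needed, or the path should be dropped. The hunk ends inside the `RUN openssl req` command, which continues outside it.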