archive/theorangeone.net-legacy
1
Fork 0
Code Activity

Add previously configured security headers

Browse source
This commit is contained in:
Jake Howard 2020-04-10 12:43:38 +01:00
parent 59720a3fb5
commit 2a2b1241e6
Signed by: jake
GPG key ID: 57AFB45680EDD477
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
nginx.conf
View file

@ -17,6 +17,7 @@ http {
access_log /dev/stdout; access_log /dev/stdout;
access_log /var/log/nginx/access.log; access_log /var/log/nginx/access.log;
server_tokens off;
sendfile on; sendfile on;
@ -33,6 +34,12 @@ http {
set_real_ip_from 0.0.0.0/0; set_real_ip_from 0.0.0.0/0;
real_ip_header X-Forwarded-For; real_ip_header X-Forwarded-For;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
add_header Referrer-Policy "same-origin";
add_header Strict-Transport-Security "max-age=5184000";
location ~* ^\/(_matrix|stats|js|scss|img|css|fonts|webfonts)+? { location ~* ^\/(_matrix|stats|js|scss|img|css|fonts|webfonts)+? {
access_log off; access_log off;
} }