Fijxu/nginx-configs
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
This repository has been archived on 2025-01-22. You can view files and clone it, but cannot push or open issues or pull requests.
nginx-configs/configs/securityheaders.conf
Fijxu 2f25519215 caca
2022-11-22 03:45:12 -03:00

12 lines
567 B
Text
Raw Permalink Blame History

# security headers
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Referrer-Policy "no-referrer-when-downgrade" always;
#add_header Content-Security-Policy "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';" always;
add_header Permissions-Policy "interest-cohort=()" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# . files
location ~ /\.(?!well-known) {
deny all;
}
Reference in a new issue View git blame Copy permalink