Adding security headers for NginX
@@ -24,3 +24,8 @@
|
||||
|
||||
## verify chain of trust of OCSP response using Root CA and Intermediate certs
|
||||
ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
|
||||
|
||||
# Other security headers
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-Xss-Protection "1; mode=block" always;
|
||||
add_header X-Content-Type-Options "nosniff" always;
|
||||
|
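Review bot: `add_header X-Xss-Protection "1; mode=block" always;` turns on a legacy browser XSS filter that current browsers have removed and that caused cross-site information leaks in older ones. Current OWASP guidance is to send `add_header X-Xss-Protection "0" always;` or drop the header and rely on a Content-Security-Policy. X-Frame-Options is likewise superseded by CSP, so `add_header Content-Security-Policy "frame-ancestors 'self'" always;` next to it would cover browsers that prefer the CSP directive. The file this hunk belongs to is not named on the page, so the contexts that include it could not be checked.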
@@ -7,3 +7,7 @@ proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_hide_header Strict-Transport-Security;
|
||||
proxy_hide_header X-Frame-Options;
|
||||
proxy_hide_header X-Xss-Protection;
|
||||
proxy_hide_header X-Content-Type-Options;
|
||||
|
||||
|
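Review bot: The four `proxy_hide_header` lines make nginx the only source of Strict-Transport-Security, X-Frame-Options, X-Xss-Protection and X-Content-Type-Options, so any context that does not emit them itself now responds with none of them. nginx inherits `add_header` from the outer level only when the current level defines no `add_header` of its own, so a `location` that adds even one header drops the whole set; `proxy_hide_header` inherits by the same rule. I would put a comment above these lines, for example `# upstream copies are dropped; nginx re-adds these headers, so a block with its own add_header must repeat them`, and verify the response headers of each proxied location in the rendered config. The enclosing file and block are not visible in this hunk.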
@@ -1,6 +1,7 @@
|
||||
server {
|
||||
{% include './templates/header.conf.j2' %}
|
||||
|
||||
add_header Strict-Transport-Security "max-age=15768000" always;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
add_header X-Robots-Tag none;
|
||||
|
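Review bot: The server block keeps its own `add_header X-Content-Type-Options nosniff;` and `add_header X-XSS-Protection "1; mode=block";` below the `{% include './templates/header.conf.j2' %}` line, so if that template carries the `add_header` lines from the first hunk, both headers are sent twice on successful responses. The local copies also lack `always`, unlike the new ones, so the two sets behave differently on 4xx/5xx responses. Presumably the two local lines should be removed, leaving only `Strict-Transport-Security` and `X-Robots-Tag` here, the latter as `add_header X-Robots-Tag none always;` if error pages should carry it too. The server block continues outside the hunk.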