asif
/
nginx-basic
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

added security headers (non HTTPS)

This commit is contained in:
Asif Bacchus 2019-01-04 02:01:11 -07:00
parent 8aed718cfa
commit 1cf8818286
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
conf.d/securityHeaders.conf Normal file
View File

@ -0,0 +1,11 @@
#######
### NGINX configuration - add security related headers
### (HTTPS specific headers are added in HTTPS configuration)
#######
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "same-origin" always;