rav4s
/
NginX-Config-Files
mirror of https://github.com/Rav4s/NginX-Config-Files
1
1
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Added explanations for security headers

main
Ravi Shah 5 years ago
parent
229cadd1c4
commit
63e15fe047
1 changed files with 6 additions and 6 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 10
      subdomain-proxy.conf

10
subdomain-proxy.conf
View File

@ -46,11 +46,11 @@ server {
# Set the security headers # Set the security headers
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header X-Frame-Options DENY;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header Referrer-Policy "origin";
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; #HSTS
add_header X-Frame-Options DENY; #Prevents clickjacking
add_header X-Content-Type-Options nosniff; #Prevents mime sniffing
add_header X-XSS-Protection "1; mode=block"; #Prevents cross-site scripting attacks
add_header Referrer-Policy "origin"; #Idk what this actually does";
} }
} }
Write Preview
Loading…
Cancel
Save