nginx: add security-related headers
This commit is contained in:
Alexander Dietrich
parent
920dee9057
commit
77d88b0290
7 changed files with 40 additions and 9 deletions
roles/nginx/files/snippets
|
|
@ -1 +1,2 @@
|
|||
add_header Strict-Transport-Security 'max-age=31536000';
|
||||
add_header Strict-Transport-Security "max-age=31536000";
|
||||
proxy_hide_header Strict-Transport-Security;
|
||||
|
|
|
|||
8
roles/nginx/files/snippets/header-security.conf
Normal file
8
roles/nginx/files/snippets/header-security.conf
Normal file
|
|
@ -0,0 +1,8 @@
|
|||
add_header Referrer-Policy same-origin;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
add_header X-Frame-Options sameorigin;
|
||||
add_header X-XSS-Protection "1; mode=block";
|
||||
proxy_hide_header Referrer-Policy;
|
||||
proxy_hide_header X-Content-Type-Options;
|
||||
proxy_hide_header X-Frame-Options;
|
||||
proxy_hide_header X-XSS-Protection;
|
||||
Loading…
Add table
Add a link
Reference in a new issue