20 lines
645 B
Plaintext
20 lines
645 B
Plaintext
more_set_headers "X-Content-Type-Options : nosniff";
|
|
more_set_headers "X-XSS-Protection : 1; mode=block";
|
|
more_set_headers "X-Download-Options : noopen";
|
|
more_set_headers "X-Permitted-Cross-Domain-Policies : none";
|
|
more_set_headers "X-Frame-Options : DENY";
|
|
more_set_headers "Referrer-Policy : same-origin"; # no-referrer
|
|
more_set_headers "Strict-Transport-Security : max-age=94608000; includeSubDomains; preload";
|
|
#more_set_headers "Server : nginx Niver";
|
|
|
|
more_clear_headers Server;
|
|
|
|
ssl_prefer_server_ciphers off;
|
|
|
|
ssl_session_timeout 1d;
|
|
ssl_session_cache shared:SSL:50m;
|
|
ssl_session_tickets off;
|
|
|
|
#ssl_stapling on;
|
|
#ssl_stapling_verify on;
|