This repository has been archived on 2022-10-07. You can view files and clone it, but cannot push or open issues or pull requests.
2021-08-29 17:39:12 +02:00
|
|
|
more_set_headers "X-Content-Type-Options : nosniff";
|
|
|
|
more_set_headers "X-XSS-Protection : 1; mode=block";
|
|
|
|
more_set_headers "X-Download-Options : noopen";
|
|
|
|
more_set_headers "X-Permitted-Cross-Domain-Policies : none";
|
|
|
|
more_set_headers "X-Frame-Options : DENY";
|
2021-08-29 21:41:15 +02:00
|
|
|
more_set_headers "Referrer-Policy : same-origin"; # no-referrer
|
2021-08-29 17:39:12 +02:00
|
|
|
more_set_headers "Strict-Transport-Security : max-age=94608000; includeSubDomains; preload";
|
|
|
|
#more_set_headers "Server : nginx Niver";
|
|
|
|
|
|
|
|
more_clear_headers Server;
|
|
|
|
|
2021-08-29 21:41:15 +02:00
|
|
|
ssl_prefer_server_ciphers off;
|
|
|
|
|
2021-08-29 17:39:12 +02:00
|
|
|
ssl_session_timeout 1d;
|
|
|
|
ssl_session_cache shared:SSL:50m;
|
|
|
|
ssl_session_tickets off;
|
|
|
|
|
2021-08-29 21:41:15 +02:00
|
|
|
#ssl_stapling on;
|
|
|
|
#ssl_stapling_verify on;
|