diff --git a/security.conf b/security.conf
new file mode 100644
index 0000000..9a3be44
--- /dev/null
+++ b/security.conf
@@ -0,0 +1,15 @@
+server_tokens off;
+## Don't show the nginx version number, a security best practice
+
+add_header Referrer-Policy origin-when-cross-origin always;
+add_header X-Frame-Options SAMEORIGIN;
+add_header X-Content-Type-Options nosniff;
+#add_header X-XSS-Protection "1; mode=block" always;
+add_header X-XSS-Protection "0";
+
+#more_clear_headers 'X-Powered-By';
+
+# Redirect `example.com.` to `example.com`
+if ($http_host ~ "\.$" ){
+ rewrite ^(.*) $scheme://$host$1 permanent;
+}
\ No newline at end of file
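Review bot: Three of the four `add_header` lines (X-Frame-Options, X-Content-Type-Options, X-XSS-Protection) omit `always`, so nginx attaches them only to a fixed set of success and redirect status codes. Error responses such as 404 or 500 therefore go out without the framing and sniffing protections, while Referrer-Policy is sent on every response. Append the flag to each, e.g. `add_header X-Frame-Options SAMEORIGIN always;` and `add_header X-Content-Type-Options nosniff always;`. A comment at the top of the file would also help, because `add_header` is inherited only when the current level defines none of its own: `# NOTE: add_header is not merged across levels; re-include this file in any block that sets its own headers`. In the trailing-dot redirect, `$host` can be taken from the client's Host header, so this file presumably belongs in a server block with an explicit `server_name` rather than a catch-all default server; that cannot be confirmed from this file alone.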