ops/nginx-kit
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

添加 security.conf

Browse source
This commit is contained in:
Dallas Lu 2026-06-05 04:27:57 +00:00
parent b6956dc0c6
commit c526d8ae0d
1 changed files with 15 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

15
security.conf Normal file
View file

@ -0,0 +1,15 @@
server_tokens off;
## Don't show the nginx version number, a security best practice
add_header Referrer-Policy origin-when-cross-origin always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
#add_header X-XSS-Protection "1; mode=block" always;
add_header X-XSS-Protection "0";
#more_clear_headers 'X-Powered-By';
# Redirect `example.com.` to `example.com`
if ($http_host ~ "\.$" ){
rewrite ^(.*) $scheme://$host$1 permanent;
}