添加 security.conf

2026-06-05 04:27:57 +00:00 · 2026-06-05 04:27:57 +00:00 · c526d8ae0d
commit c526d8ae0d
parent b6956dc0c6
1 changed files with 15 additions and 0 deletions
--- a/security.conf
+++ b/security.conf
@ -0,0 +1,15 @@
+server_tokens off;
+## Don't show the nginx version number, a security best practice
+  
+add_header	Referrer-Policy	origin-when-cross-origin always;
+add_header	X-Frame-Options	SAMEORIGIN;
+add_header	X-Content-Type-Options	nosniff;
+#add_header	X-XSS-Protection "1; mode=block" always;
+add_header	X-XSS-Protection "0";
+
+#more_clear_headers	'X-Powered-By';
+
+# Redirect `example.com.` to `example.com`
+if ($http_host ~ "\.$" ){
+    rewrite ^(.*) $scheme://$host$1 permanent;
+}