## Don't show the nginx version number, a security best practice
server_tokens off;

add_header	Referrer-Policy	strict-origin-when-cross-origin always;
add_header	X-Frame-Options	SAMEORIGIN always;
add_header	X-Content-Type-Options	nosniff always;
add_header	X-XSS-Protection	"0" always;

# Redirect `example.com.` to `example.com`
if ($http_host ~ "\.$" ){
    rewrite ^(.*) $scheme://$host$1 permanent;
}