15 lines
No EOL
470 B
Text
15 lines
No EOL
470 B
Text
server_tokens off;
|
|
## Don't show the nginx version number, a security best practice
|
|
|
|
add_header Referrer-Policy origin-when-cross-origin always;
|
|
add_header X-Frame-Options SAMEORIGIN;
|
|
add_header X-Content-Type-Options nosniff;
|
|
#add_header X-XSS-Protection "1; mode=block" always;
|
|
add_header X-XSS-Protection "0";
|
|
|
|
#more_clear_headers 'X-Powered-By';
|
|
|
|
# Redirect `example.com.` to `example.com`
|
|
if ($http_host ~ "\.$" ){
|
|
rewrite ^(.*) $scheme://$host$1 permanent;
|
|
} |