12 lines
407 B
Text
12 lines
407 B
Text
## Don't show the nginx version number, a security best practice
|
|
server_tokens off;
|
|
|
|
add_header Referrer-Policy strict-origin-when-cross-origin always;
|
|
add_header X-Frame-Options SAMEORIGIN always;
|
|
add_header X-Content-Type-Options nosniff always;
|
|
add_header X-XSS-Protection "0" always;
|
|
|
|
# Redirect `example.com.` to `example.com`
|
|
if ($http_host ~ "\.$" ){
|
|
rewrite ^(.*) $scheme://$host$1 permanent;
|
|
}
|