authorJulien Dessaux2021-11-13 18:42:52 +0100
committerJulien Dessaux2021-11-13 18:42:52 +0100
commit2a6536ad1ef62facc90567c43f3d4f9f1dd5d9cd (patch)
tree1c042cd1c58796bc571a381bcf316b41e3c8ae9c /deploy/headers_secure.conf
parentMigrated gitea to dalinar and updated other pages to reflect that. Updated ww... (diff)
Added container building script and kubernetes manifest
Diffstat (limited to 'deploy/headers_secure.conf')
-rw-r--r--deploy/headers_secure.conf10
1 files changed, 10 insertions, 0 deletions
diff --git a/deploy/headers_secure.conf b/deploy/headers_secure.conf
new file mode 100644
index 0000000..71b52e1
--- /dev/null
+++ b/deploy/headers_secure.conf
@@ -0,0 +1,10 @@
+# A+ on https://securityheaders.io/
+add_header X-Frame-Options deny;
+add_header X-XSS-Protection "1; mode=block";
+add_header X-Content-Type-Options nosniff;
+add_header Referrer-Policy strict-origin;
+add_header Cache-Control no-transform;
+add_header Content-Security-Policy "script-src 'self'";
+add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()";
+# 6 months HSTS pinning
+add_header Strict-Transport-Security max-age=16000000;
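Review bot: None of the `add_header` lines carries the `always` parameter, so nginx attaches these headers only to 2xx/3xx responses and error pages (404, 5xx) go out without them; append it to each directive, e.g. `add_header X-Content-Type-Options nosniff always;`. nginx also stops inheriting `add_header` from an outer level once the inner level declares one of its own, so a leading comment such as `# include again in any server/location block that sets its own add_header` would help whoever wires this file in. The `Content-Security-Policy` line restricts scripts only; adding `object-src 'none'; base-uri 'self'` would cover plugin content and `<base>` rewriting, though this should be checked against the pages actually served. The comment `# 6 months HSTS pinning` reads better as `# HSTS, roughly 6 months`, since the header does no key pinning.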