free
/
freedombone
Observar 1
Favorito 0
Fork 0
Código Issues 0 Pull Requests 0 Versões 0 Wiki Atividade
Ver código fonte

Some additional nginx security settings

Bob Mottram 8 anos atrás
pai
c3f832761e
commit
6225616be2
1 arquivos alterados com 5 adições e 0 exclusões
Visão dividida Mostrar estatísticas do Diff
  1. 5
    0
      src/freedombone-utils-web

+ 5
- 0
src/freedombone-utils-web Ver arquivo 

@@ -138,6 +138,11 @@ function nginx_ssl {
138 138 
     echo "    ssl_protocols $SSL_PROTOCOLS;" >> $filename
139 139 
     echo "    ssl_ciphers '$SSL_CIPHERS';" >> $filename
140 140 
     echo "    add_header Content-Security-Policy \"default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'\";" >> $filename
141 
+    echo '    add_header X-XSS-Protection "1; mode=block";' >> $filename
142 
+    echo '    add_header X-Robots-Tag none;' >> $filename
143 
+    echo '    add_header X-Download-Options noopen;' >> $filename
144 
+    echo '    add_header X-Permitted-Cross-Domain-Policies none;' >> $filename
145 
+
141 146 
     #nginx_stapling $1
142 147 
 }
143 148