Created
January 28, 2016 23:10
-
-
Save ChrisSwanson/e90ad26c29c82bf8c3dd to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80; | |
| listen 443 ssl; | |
| server_name $server_name; | |
| # Don't send the nginx version number in error pages and server header. | |
| server_tokens off; | |
| # HSTS - HTTP > HTTPS redirect | |
| add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"; | |
| # Clickjacking prevention | |
| add_header X-Frame-Options sameorigin; | |
| # Disable content type sniffing for IE and Chrome | |
| add_header X-Content-Type-Options nosniff; | |
| # XSS Prevention | |
| add_header X-XSS-Protection "1; mode=block"; | |
| # Content Security Policy | |
| add_header Content-Security-Policy: default-src 'self' | |
| # https://www.owasp.org/index.php/List_of_useful_HTTP_headers | |
| # https://gist.github.com/plentz/6737338 | |
| # read the links above for more details / ideas. | |
| root /usr/share/nginx/html; | |
| index index.html index.htm; | |
| location / { | |
| try_files $uri $uri/ @missing | |
| } | |
| location @missing { | |
| rewrite ^ / break; | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment