Commit 953e151c authored by Andri Steiner's avatar Andri Steiner
Browse files

local security related configuration #1

parent 56cb6bfb
# local nginx configuration for default
# [INFO] https://docs.opsone.ch/managed-server-7/tag/website-advanced-nginx-website
# global security configuration disabled
# see services/git.typo3.org/site#1 for details
# deny access to hidden files
location ~ (?!^\/\.well-known)\/\. {
satisfy all;
deny all;
}
# security headers
# [INFO] https://docs.opsone.ch/managed-server-7/tag/website-security
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment