free
/
freedombonee
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Some additional nginx security settings

This commit is contained in:
Bob Mottram 2017-05-08 16:43:42 +01:00
parent c3f832761e
commit 6225616be2
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/freedombone-utils-web
View File

@ -138,6 +138,11 @@ function nginx_ssl {
echo " ssl_protocols $SSL_PROTOCOLS;" >> $filename
echo " ssl_ciphers '$SSL_CIPHERS';" >> $filename
echo " add_header Content-Security-Policy \"default-src https:; script-src https: 'unsafe-inline'; style-src https: 'unsafe-inline'\";" >> $filename
echo ' add_header X-XSS-Protection "1; mode=block";' >> $filename
echo ' add_header X-Robots-Tag none;' >> $filename
echo ' add_header X-Download-Options noopen;' >> $filename
echo ' add_header X-Permitted-Cross-Domain-Policies none;' >> $filename
#nginx_stapling $1
}