Additional security policy settings for ttrss

This commit is contained in:
Bob Mottram 2018-02-13 11:33:27 +00:00
parent 1a11a8cfdd
commit 645bcf9f34
1 changed files with 10 additions and 2 deletions

View File

@ -428,7 +428,11 @@ function install_rss_main {
echo ' deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo ' deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo ' add_header X-XSS-Protection "1; mode=block";' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Robots-Tag none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Download-Options noopen;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Permitted-Cross-Domain-Policies none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Frame-Options SAMEORIGIN;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
@ -482,7 +486,11 @@ function install_rss_main {
echo ' deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo ' deny all;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo ' }' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo '' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo ' add_header X-XSS-Protection "1; mode=block";' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Robots-Tag none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Download-Options noopen;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Permitted-Cross-Domain-Policies none;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Frame-Options SAMEORIGIN;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo ' client_max_body_size 15m;' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME
echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME echo '}' >> /etc/nginx/sites-available/$RSS_READER_DOMAIN_NAME