From e60fa624d120620f7ac3c8c8a88dff76811c6376 Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Thu, 24 Jan 2019 15:04:39 -0200 Subject: Some clickjacking protections --- templates/site-ssl.erb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/templates/site-ssl.erb b/templates/site-ssl.erb index a370bc7..5b9ce04 100644 --- a/templates/site-ssl.erb +++ b/templates/site-ssl.erb @@ -12,6 +12,11 @@ server { # enable HSTS header add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload"; + # clickjacking protection + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + add_header X-Frame-Options DENY; + location / { # preserve http header and set forwarded proto proxy_set_header Host $http_host; -- cgit v1.2.3