authorroot <root@taler.net>2016-08-27 12:18:39 +0200
committerroot <root@taler.net>2016-08-27 12:18:39 +0200
commite3255ed9f9b1d7bc0d9c9f82804136e232a15266 (patch)
treee64c4b33d2279027629b46855f63852cdfd638a5 /etc/nginx/conf.d/talerssl
parent280733bd93af564f84c3bb7bc045d00a5af25588 (diff)
set headers to improve security
Diffstat (limited to 'etc/nginx/conf.d/talerssl')
-rw-r--r--etc/nginx/conf.d/talerssl4
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/nginx/conf.d/talerssl b/etc/nginx/conf.d/talerssl
index 1f6aacb..dd76036 100644
--- a/etc/nginx/conf.d/talerssl
+++ b/etc/nginx/conf.d/talerssl
@@ -7,3 +7,7 @@ ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
+add_header X-XSS-Protection "1; mode=block"
+add_header X-Frame-Options "SAMEORIGN"
+add_header X-Content-Type-Options "nosniff"
+add_header Content-Security-Policy "default-src 'self'"
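Review bot: None of the four added `add_header` lines ends with `;`, so as shown nginx would reject the file at parse time and `nginx -t` would fail before any of these headers is served. The X-Frame-Options value is also misspelled as `SAMEORIGN`; browsers ignore an unrecognised value, which leaves pages frameable, so the line should read `add_header X-Frame-Options "SAMEORIGIN";`. The other three lines only need the trailing `;`. Two nginx behaviours are worth confirming against the server blocks that include this file, which are not visible here: `add_header` is skipped on most error responses unless `always` is appended, and any `server` or `location` block that declares its own `add_header` stops inheriting these (including the existing HSTS line). A comment above the CSP line noting that `default-src 'self'` blocks inline scripts and third-party resources would help whoever debugs a broken page later.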