Welcome! Log In Create A New Profile

Advanced

Security Headers in Nginx

Posted by vevioz 
Security Headers in Nginx
September 14, 2023 02:59AM
many websites and systems can be hacked due to a lack or bad configuration or lack of protection. Besides improving your site’s SEO score, Security headers will protect your website from some common attacks like Code injection, XSS, click-jacking, and more.

# security headers
add_header Permissions-Policy "interest-cohort=()" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy no-referrer-when-downgrade;
add_header X-XSS-Protection "0; mode=block";
add_header Expect-CT "max-age=63072000, enforce";
add_header X-Permitted-Cross-Domain-Policies master-only;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header Content-Security-Policy "upgrade-insecure-requests";

Hasil A+: https://securityheaders.com/?q=www.vevioz.com&followRedirects=on



Edited 2 time(s). Last edit at 09/14/2023 03:09AM by vevioz.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 131
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready