GeneralConfig/nginx/extra/headers-gzip.conf

21 lines
735 B
Plaintext
Raw Normal View History

2020-06-17 13:31:05 -03:00
### gzip + compression global rules
### to be included a single time throughout this nginx instance
### headers rules are also consolidated here
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Enable HSTS. This forces SSL on clients that respect it, most modern browsers. The includeSubDomains flag is optional.
add_header Strict-Transport-Security "max-age=31536000;includeSubDomains";
## Header hardening
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";