Initial Commit

nginx/extra/headers-gzip.conf

@@ -0,0 +1,20 @@
+### gzip + compression global rules
+### to be included a single time throughout this nginx instance
+### headers rules are also consolidated here
+
+gzip on; 
+gzip_disable "msie6";
+gzip_vary on; 
+gzip_proxied any;
+gzip_comp_level 6;
+gzip_min_length 1100;
+gzip_buffers 16 8k; 
+gzip_http_version 1.1;
+gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
+
+# Enable HSTS. This forces SSL on clients that respect it, most modern browsers. The includeSubDomains flag is optional.
+add_header Strict-Transport-Security "max-age=31536000;includeSubDomains";
+
+## Header hardening
+add_header X-Frame-Options "SAMEORIGIN";
+add_header X-XSS-Protection "1; mode=block";