21 lines
735 B
Plaintext
21 lines
735 B
Plaintext
### gzip + compression global rules
|
|
### to be included a single time throughout this nginx instance
|
|
### headers rules are also consolidated here
|
|
|
|
gzip on;
|
|
gzip_disable "msie6";
|
|
gzip_vary on;
|
|
gzip_proxied any;
|
|
gzip_comp_level 6;
|
|
gzip_min_length 1100;
|
|
gzip_buffers 16 8k;
|
|
gzip_http_version 1.1;
|
|
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
|
|
|
|
# Enable HSTS. This forces SSL on clients that respect it, most modern browsers. The includeSubDomains flag is optional.
|
|
add_header Strict-Transport-Security "max-age=31536000;includeSubDomains";
|
|
|
|
## Header hardening
|
|
add_header X-Frame-Options "SAMEORIGIN";
|
|
add_header X-XSS-Protection "1; mode=block";
|