Jump to content

Nginx:Security Header

From Wiki

Tambahkan berikut ini di file nginx.conf di bawah blok server.

Content Security Policy

add_header Content-Security-Policy "default-src 'self';";

X-Frame-Options

add_header X-Frame-Options "DENY";

X-XSS-Protection

add_header X-XSS-Protection "1; mode=block";

X-Content-Type-Options

add_header X-Content-Type-Options nosniff;

HTTP Strict Transport Security

add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';

Source

Retrieved from "https://kangtain.com/wiki/index.php?title=Nginx:Security_Header&oldid=5249"