Jump to content

Nginx:Security Header

From Wiki

Revision as of 21:37, 19 July 2022 by Kangtain (talk | contribs) (Created page with "Tambahkan berikut ini di file nginx.conf di bawah blok server. ===Content Security Policy=== add_header Content-Security-Policy "default-src 'self';"; ===X-Frame-Options=== add_header X-Frame-Options "DENY"; ===X-XSS-Protection=== add_header X-XSS-Protection "1; mode=block"; ===X-Content-Type-Options=== add_header X-Content-Type-Options nosniff; ===HTTP Strict Transport Security=== add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; prelo...")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Tambahkan berikut ini di file nginx.conf di bawah blok server.

Content Security Policy

add_header Content-Security-Policy "default-src 'self';";

X-Frame-Options

add_header X-Frame-Options "DENY";

X-XSS-Protection

add_header X-XSS-Protection "1; mode=block";

X-Content-Type-Options

add_header X-Content-Type-Options nosniff;

HTTP Strict Transport Security

add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';

Source

beaglesecurity.com

Retrieved from "https://kangtain.com/wiki/index.php?title=Nginx:Security_Header&oldid=4764"