# Expires map
# Derive $expires from the Content-Type of the response being sent.
# Exact strings are tried first and the regex entry only afterwards, so the
# order of the entries below does not affect the result.
# NOTE(review): the exact keys assume the value carries no "; charset=..."
# suffix when the map is evaluated - confirm with `curl -I` on an HTML page.
map $sent_http_content_type $expires {
    # Long-lived static assets.
    application/javascript  max;
    text/css                max;
    ~image/                 max;

    # HTML is cached for a week.
    text/html               7d;

    # Every other type: leave Expires / Cache-Control untouched.
    default                 off;
}
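# Static site served over plain HTTP on port 80 from /usr/share/nginx/html.
server {
    listen       80;
    server_name  localhost;

    #charset koi8-r;
    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm;
    }

    # https://gtmetrix.com/specify-a-character-set-early.html
    # https://www.cyberciti.biz/faq/nginx-set-http-content-type-response-header-to-charset-utf8/
    charset UTF-8;

    # Response headers.
    # "always" is required for the headers to be sent on error responses
    # (404, 50x, ...); without it nginx adds them only to 2xx/3xx responses,
    # which leaves the error pages without any of the protections below.
    # These directives are inherited by a location only while that location
    # declares no add_header of its own: adding one inside a location drops
    # every header listed here for that location, so repeat them there.
    add_header X-UA-Compatible "IE=Edge,chrome=1" always;

    # https://www.justegeek.fr/proteger-un-peu-plus-son-site-avec-la-balise-x-content-type-options/
    add_header X-Content-Type-Options "nosniff" always;

    # Legacy header: current Chrome, Edge and Firefox do not implement the
    # XSS filter it controls, so the Content-Security-Policy below is the
    # control that actually applies in those browsers.
    add_header X-XSS-Protection "1; mode=block" always;
    add_header X-Frame-Options DENY always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;

    # https://scotthelme.co.uk/content-security-policy-an-introduction/
    # Only script-src is restricted. With no default-src, every other resource
    # type (styles, frames, objects, ...) stays unrestricted; framing is
    # covered by X-Frame-Options above, not by this policy.
    add_header Content-Security-Policy "script-src 'self'" always;

    # https://scotthelme.co.uk/a-new-security-header-feature-policy/
    #add_header Feature-Policy "vibrate none";

    # https://scotthelme.co.uk/hsts-the-missing-link-in-tls/
    # Browsers ignore this header on responses received over plain HTTP, and
    # this server only listens on port 80: it takes effect only when TLS is
    # terminated in front of nginx. includeSubDomains extends the policy to
    # every subdomain of the served host, so all of them must support HTTPS.
    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

    # Caching: HTML for 7 days, CSS/JS/images as long as possible, every other
    # type untouched (see the $expires map). There is no front-page exception:
    # the front page is text/html and is cached for 7 days like any other page.
    # With "max", an updated script or stylesheet (including a security fix)
    # reaches returning visitors only if its file name or URL changes.
    expires $expires;

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;
    location = /50x.html {
        root   /usr/share/nginx/html;
    }
}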