move proxy header overrides to proxy-params.conf
This commit is contained in:
parent
aea9b04531
commit
5b1932385a
@ -10,3 +10,17 @@ send_timeout 3600s;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
|
||||
proxy_hide_header X-Powered-By;
|
||||
proxy_hide_header X-Frame-Options;
|
||||
add_header X-Frame-Options DENY;
|
||||
proxy_hide_header X-XSS-Protection;
|
||||
add_header X-XSS-Protection 0;
|
||||
proxy_hide_header X-Content-Type-Options;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
proxy_hide_header Referrer-Policy;
|
||||
add_header Referrer-Policy strict-origin-when-cross-origin;
|
||||
proxy_hide_header Strict-Transport-Security;
|
||||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload;";
|
||||
proxy_hide_header Access-Control-Allow-Origin;
|
||||
add_header Access-Control-Allow-Origin https://tronnet.net;
|
||||
|
@ -14,17 +14,3 @@ ssl_dhparam /etc/ssl/certs/dhparam.pem;
|
||||
# ssl cert paths
|
||||
ssl_certificate /etc/letsencrypt/live/tronnet.net/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/tronnet.net/privkey.pem;
|
||||
|
||||
proxy_hide_header X-Powered-By;
|
||||
proxy_hide_header X-Frame-Options;
|
||||
add_header X-Frame-Options DENY;
|
||||
proxy_hide_header X-XSS-Protection;
|
||||
add_header X-XSS-Protection 0;
|
||||
proxy_hide_header X-Content-Type-Options;
|
||||
add_header X-Content-Type-Options nosniff;
|
||||
proxy_hide_header Referrer-Policy;
|
||||
add_header Referrer-Policy strict-origin-when-cross-origin;
|
||||
proxy_hide_header Strict-Transport-Security;
|
||||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload;";
|
||||
proxy_hide_header Access-Control-Allow-Origin;
|
||||
add_header Access-Control-Allow-Origin https://tronnet.net;
|
||||
|
Loading…
Reference in New Issue
Block a user