initial commit

2024-03-22 10:24:54 +03:00
commit d7d4344c53
82 changed files with 1361 additions and 0 deletions
--- a/snip.d/http-base-security-headers
+++ b/snip.d/http-base-security-headers
@@ -0,0 +1,13 @@
+## always sourced by include snip.d/http-security-headers
+
+include snip.d/http-proxy-hide-security-headers;
+
+add_header  X-XSS-Protection  "1; mode=block"  always;
+add_header  X-Content-Type-Options  "nosniff"  always;
+# add_header  Referrer-Policy  "strict-origin-when-cross-origin"  always;
+add_header  Referrer-Policy  "no-referrer-when-downgrade"  always;
+add_header  Strict-Transport-Security  "max-age=31536000; includeSubDomains; preload" always;
+add_header  Permissions-Policy  "interest-cohort=()"  always;
+
+## obsolete
+add_header  X-Frame-Options  "SAMEORIGIN"  always;