Add some common security headers for all sites
This commit is contained in:
parent
4c1f264e2a
commit
f795a49720
|
@ -5,7 +5,11 @@ korhonen.cc, *.korhonen.cc {
|
|||
}
|
||||
|
||||
header {
|
||||
Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
||||
Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
|
||||
X-Frame-Options DENY
|
||||
X-XSS-Protection 0
|
||||
X-Content-Type-Options nosniff
|
||||
Referrer-Policy strict-origin-when-cross-origin
|
||||
}
|
||||
|
||||
@homepage host korhonen.cc
|
||||
|
|
Loading…
Reference in a new issue