Add security-related http headers

Jonathan Cremin 2016-08-31 18:14:26 +02:00
parent ffa01ba586
commit 0254e42b9c


@ -10,7 +10,7 @@ server {
server_name {{ .NOSSL_SERVER_NAME }}; server_name {{ .NOSSL_SERVER_NAME }};
access_log /var/log/nginx/{{ .APP }}-access.log; access_log /var/log/nginx/{{ .APP }}-access.log;
error_log /var/log/nginx/{{ .APP }}-error.log; error_log /var/log/nginx/{{ .APP }}-error.log;
return 301 https://$host:{{ .NGINX_SSL_PORT }}$request_uri; return 301 https://$host$request_uri;
} }
server { server {
@ -27,6 +27,7 @@ server {
keepalive_timeout 70; keepalive_timeout 70;
add_header Alternate-Protocol {{ .NGINX_SSL_PORT }}:npn-spdy/2; add_header Alternate-Protocol {{ .NGINX_SSL_PORT }}:npn-spdy/2;
add_header Strict-Transport-Security "max-age=31536000" always;
location /apps/ { location /apps/ {
alias {{ .DOKKU_ROOT }}/{{ .APP }}/apps/; alias {{ .DOKKU_ROOT }}/{{ .APP }}/apps/;
@ -68,6 +69,7 @@ server {
keepalive_timeout 70; keepalive_timeout 70;
add_header Alternate-Protocol {{ .NGINX_SSL_PORT }}:npn-spdy/2; add_header Alternate-Protocol {{ .NGINX_SSL_PORT }}:npn-spdy/2;
add_header Strict-Transport-Security "max-age=31536000" always;
location / { location / {
gzip on; gzip on;
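Review bot: The `Strict-Transport-Security` header is added at `server` level in both TLS server blocks, and nginx passes `add_header` down to a `location` only when that location sets no `add_header` of its own, so any location that adds a header would answer without HSTS. The bodies of `location /apps/` and `location /` continue outside the visible hunks, so this may not apply today; a comment above each added line such as `# add_header is not inherited by a location that sets its own add_header; repeat HSTS there` would keep it from regressing. The commit title promises several security headers but only HSTS is visible in this file section, so if others such as `X-Content-Type-Options` were intended they appear to be missing here. The changed `return 301` line in the port-80 block is printed in both forms and the page does not mark which is new; if the new form is the one without `:{{ .NGINX_SSL_PORT }}`, the redirect only reaches the TLS listener when that port is 443.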