titanz/NGINX-Configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
100 Commits 1 Branch 0 Tags
Commit Graph

24 Commits

Author SHA1 Message Date
Tommy
2cf70896f7
Merge hsts snippet into security snippet 2025-01-03 09:57:09 -07:00
Tommy
023e2cdad3
Move Access-Control-Max-Age to security.conf 2025-01-03 09:31:47 -07:00
Tommy
8293f6f1c3
Typo Fix 2025-01-03 09:28:46 -07:00
Tommy
111a568c6e
Note X-Frame-Options obsolesence 2025-01-03 09:28:28 -07:00
Tommy
65459ad784
Add Access-Control-Max-Age 2025-01-03 09:22:33 -07:00
Tommy
819c0e6372
Add note for credentialless 2025-01-03 08:22:55 -07:00
Tommy
662d06a701
Undo 1ade01c - Split HSTS headers again 
nginx-module-headers-more requires third party repo
 2025-01-03 07:08:15 -07:00
Tommy
1ade01cd11
Merge HSTS headers with TLS config 2025-01-03 06:27:58 -07:00
Tommy
c809ef29b2
Block dangerous X headers 2025-01-03 06:15:48 -07:00
Tommy
8100f6f770
Change proxy_set_header Host back to $host 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-21 05:13:09 -07:00
Tommy
5106e34fb6
Add add.txt & disable unnecessary logging 2024-10-13 14:46:21 -07:00
Tommy
4408d67d35
Add robots handling 2024-10-13 13:46:37 -07:00
Tommy
ba554095f1
Add X-Permitted-Cross-Domain-Policies 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-13 07:33:28 -07:00
Tommy
11189cffe7
Proper permission policies for WebAuthn 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-13 07:30:24 -07:00
Tommy
85ce409081
Remove publickey-credentials-get=() 
FIDO2 is used almost everywhere now

Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-13 07:27:04 -07:00
Tommy
1678b0861d
Hide X-Powered-By 2024-10-13 05:15:14 -07:00
Tommy
3bbe3ea3a3
Use http_host for Host 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-13 01:26:11 -07:00
Tommy
673f533643
Add extra headers 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-13 01:25:32 -07:00
Tommy
7036022071
Use http_host 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-12 23:54:54 -07:00
Tommy
8aa5abae84
Add quotation marks 2024-06-25 15:17:43 -07:00
Tommy
4f1b4b6dcb
Restrict CORP 2024-06-25 15:15:59 -07:00
Tommy
03149c183c
Split out cross origin security headers 2024-06-25 15:10:02 -07:00
Tommy
e64e242e42
Always use 'always' 2024-06-25 14:57:55 -07:00
Tommy
1bf7d1835f
Initial file upload 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-06-24 10:21:29 -07:00