titanz/NGINX-Configs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
113 Commits 1 Branch 0 Tags
d6a956eba302d62145d766307a3680ae5bac8ed7
Commit Graph

26 Commits

Author SHA1 Message Date
Tommy
d28691ceed Fix X-Forwarded-For 
Signed-off-by: Tommy <contact@tommytran.io>
 2025-01-03 23:50:40 -07:00
Tommy
37dcc6ddde Update ssl_early_data configuration 2025-01-03 23:05:02 -07:00
Tommy
2cf70896f7 Merge hsts snippet into security snippet 2025-01-03 09:57:09 -07:00
Tommy
023e2cdad3 Move Access-Control-Max-Age to security.conf 2025-01-03 09:31:47 -07:00
Tommy
8293f6f1c3 Typo Fix 2025-01-03 09:28:46 -07:00
Tommy
111a568c6e Note X-Frame-Options obsolesence 2025-01-03 09:28:28 -07:00
Tommy
65459ad784 Add Access-Control-Max-Age 2025-01-03 09:22:33 -07:00
Tommy
819c0e6372 Add note for credentialless 2025-01-03 08:22:55 -07:00
Tommy
662d06a701 Undo 1ade01c - Split HSTS headers again 
nginx-module-headers-more requires third party repo
 2025-01-03 07:08:15 -07:00
Tommy
1ade01cd11 Merge HSTS headers with TLS config 2025-01-03 06:27:58 -07:00
Tommy
c809ef29b2 Block dangerous X headers 2025-01-03 06:15:48 -07:00
Tommy
8100f6f770 Change proxy_set_header Host back to $host 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-21 05:13:09 -07:00
Tommy
5106e34fb6 Add add.txt & disable unnecessary logging 2024-10-13 14:46:21 -07:00
Tommy
4408d67d35 Add robots handling 2024-10-13 13:46:37 -07:00
Tommy
ba554095f1 Add X-Permitted-Cross-Domain-Policies 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-13 07:33:28 -07:00
Tommy
11189cffe7 Proper permission policies for WebAuthn 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-13 07:30:24 -07:00
Tommy
85ce409081 Remove publickey-credentials-get=() 
FIDO2 is used almost everywhere now

Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-13 07:27:04 -07:00
Tommy
1678b0861d Hide X-Powered-By 2024-10-13 05:15:14 -07:00
Tommy
3bbe3ea3a3 Use http_host for Host 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-13 01:26:11 -07:00
Tommy
673f533643 Add extra headers 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-13 01:25:32 -07:00
Tommy
7036022071 Use http_host 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-10-12 23:54:54 -07:00
Tommy
8aa5abae84 Add quotation marks 2024-06-25 15:17:43 -07:00
Tommy
4f1b4b6dcb Restrict CORP 2024-06-25 15:15:59 -07:00
Tommy
03149c183c Split out cross origin security headers 2024-06-25 15:10:02 -07:00
Tommy
e64e242e42 Always use 'always' 2024-06-25 14:57:55 -07:00
Tommy
1bf7d1835f Initial file upload 
Signed-off-by: Tommy <contact@tommytran.io>
 2024-06-24 10:21:29 -07:00