From 89fbde605f4f808d782489da26464515db915b97 Mon Sep 17 00:00:00 2001
From: Hironsan <light.tree.1.13@gmail.com>
Date: Thu, 19 Mar 2020 11:52:10 +0900
Subject: [PATCH] Update nginx.conf to enhance security

add X-XSS-Protection and X-Content-Type-Options headers
---
 nginx/nginx.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/nginx/nginx.conf b/nginx/nginx.conf
index 683564e8..c5ec8cf7 100644
--- a/nginx/nginx.conf
+++ b/nginx/nginx.conf
@@ -3,6 +3,8 @@ server {
     charset utf-8;
 
     add_header X-Frame-Options DENY;
+    add_header X-Content-Type-Options nosniff;
+    add_header X-XSS-Protection "1; mode=block";
 
     location / {
         root /var/www/html;