From 89fbde605f4f808d782489da26464515db915b97 Mon Sep 17 00:00:00 2001 From: Hironsan Date: Thu, 19 Mar 2020 11:52:10 +0900 Subject: [PATCH] Update nginx.conf to enhance security add X-XSS-Protection and X-Content-Type-Options headers --- nginx/nginx.conf | 2 ++ 1 file changed, 2 insertions(+) diff --git a/nginx/nginx.conf b/nginx/nginx.conf index 683564e8..c5ec8cf7 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -3,6 +3,8 @@ server { charset utf-8; add_header X-Frame-Options DENY; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; location / { root /var/www/html;