Nginx: Difference between revisions
imported>TheHedgehog0 m Remove X-XSS-Protection header suggestion(per MDN it's not supported anymore) https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection#browser_compatibility |
imported>Pyrox0 commonHttpConfig -> appendHttpConfig |
||
| Line 235: | Line 235: | ||
sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; | sslCiphers = "AES256+EECDH:AES256+EDH:!aNULL"; | ||
appendHttpConfig = '' | |||
# Add HSTS header with preloading to HTTPS requests. | # Add HSTS header with preloading to HTTPS requests. | ||
# Adding this header to HTTP requests is discouraged | # Adding this header to HTTP requests is discouraged | ||