Nginx
# security headers
add_header Permissions-Policy "interest-cohort=()" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header Referrer-Policy no-referrer-when-downgrade;
add_header X-XSS-Protection "0; mode=block";
add_header Expect-CT "max-age=63072000, enforce";
add_header X-Permitted-Cross-Domain-Policies master-only;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
add_header Content-Security-Policy "upgrade-insecure-requests";
ols
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy "upgrade-insecure-requests";
X-Content-Type-Options "nosniff" always
X-Frame-Options: SAMEORIGIN
Referrer-Policy: no-referrer-when-downgrade
Permissions-Policy "interest-cohort=()" always;
Grade A+ https://www.vevioz.com
Post a Comment