mdk
/
infra
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Basic security headers.

This commit is contained in:
Julien Palard 2022-11-24 09:52:32 +01:00
parent 839f6a28d1
commit c5f98533b7
Signed by: mdk
GPG Key ID: 0EFC1AC1006886F8
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
static_websites.yml
View File

@ -15,6 +15,9 @@
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC/8I1ecV8EutLc+Qx6Q8b2RhzXMl9n23LznNlw+MQtM mdk.fr
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIETtLGjVKqpQ4bQRh108Bi5vkc8omuEwZPEUbeysLfci formations
nginx_conf: |
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
server
{
listen 80;
@ -40,6 +43,8 @@
access_log /var/log/nginx/redirects-access.log;
error_log /var/log/nginx/redirects-error.log;
include snippets/letsencrypt-mdk.fr.conf;
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
return 301 https://mdk.fr;
}
@ -50,6 +55,8 @@
access_log /var/log/nginx/redirects-access.log;
error_log /var/log/nginx/redirects-error.log;
include snippets/letsencrypt-mdk.fr.conf;
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
return 301 https://mdk.fr$request_uri;
}
@ -61,6 +68,8 @@
access_log /var/log/nginx/mdk.fr-access.log;
error_log /var/log/nginx/mdk.fr-error.log;
include snippets/letsencrypt-mdk.fr.conf;
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
location /noindex/ {
autoindex off;
@ -97,6 +106,8 @@
access_log /var/log/nginx/palard.fr-access.log;
error_log /var/log/nginx/palard.fr-error.log;
include snippets/letsencrypt-palard.fr.conf;
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
root /var/www/palard.fr/;
}
@ -186,6 +197,8 @@
access_log /var/log/nginx/le-poitevin.fr-access.log;
error_log /var/log/nginx/le-poitevin.fr-error.log;
include snippets/letsencrypt-le-poitevin.fr.conf;
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
root /var/www/le-poitevin.fr/;
index index.html;
}
@ -197,6 +210,8 @@
access_log /var/log/nginx/le-poitevin.fr-access.log;
error_log /var/log/nginx/le-poitevin.fr-error.log;
include snippets/letsencrypt-le-poitevin.fr.conf;
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
return 301 https://le-poitevin.fr$request_uri;
}
@ -228,6 +243,8 @@
access_log /var/log/nginx/codeenseine.fr-access.log;
error_log /var/log/nginx/codeenseine.fr-error.log;
include snippets/letsencrypt-codeenseine.fr.conf;
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
root /var/www/codeenseine.fr/;
index index.html;
@ -249,6 +266,8 @@
access_log /var/log/nginx/codeenseine.fr-access.log;
error_log /var/log/nginx/codeenseine.fr-error.log;
include snippets/letsencrypt-codeenseine.fr.conf;
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
return 301 https://codeenseine.fr$request_uri;
}
@ -275,6 +294,8 @@
access_log /var/log/nginx/matrix.palard.fr-access.log;
error_log /var/log/nginx/matrix.palard.fr-error.log;
include snippets/letsencrypt-matrix.palard.fr.conf;
add_header Content-Security-Policy "frame-ancestors 'none'";
add_header X-Frame-Options "DENY";
location /
{