2014-12-27 10:09:00 +01:00
|
|
|
server {
|
|
|
|
|
listen 80;
|
|
|
|
|
listen [::]:80;
|
|
|
|
|
listen 443;
|
|
|
|
|
listen [::]:443;
|
|
|
|
|
|
2015-07-22 11:55:51 +02:00
|
|
|
# Enable this if your want HSTS (recommended)
|
|
|
|
|
add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload";
|
2015-08-20 19:36:32 +02:00
|
|
|
add_header X-Frame-Options SAMEORIGIN;
|
2015-09-23 16:49:17 +02:00
|
|
|
add_header Content-Security-Policy upgrade-insecure-requests;
|
2015-10-25 08:18:34 +01:00
|
|
|
add_header X-Xss-Protection "1; mode=block" always;
|
|
|
|
|
add_header X-Content-Type-Options "nosniff" always;
|
2015-07-22 11:55:51 +02:00
|
|
|
|
2014-12-27 10:09:00 +01:00
|
|
|
server_name something.example.org;
|
|
|
|
|
|
|
|
|
|
# NOTE: For X-Real-IP & X-Forwarded-For see ../conf.d/rproxy.conf
|
|
|
|
|
# Behind CloudFlare see ../conf.d/cloudflare.conf
|
|
|
|
|
|
|
|
|
|
location / {
|
2019-09-18 16:40:00 +02:00
|
|
|
proxy_pass http://localhost:8080;
|
2014-12-27 10:09:00 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
