shell-things/etc/nginx/sites-enabled/rproxy

server {
    listen 80;
    listen [::]:80;
    listen 443;
    listen [::]:443;

    # Enable this if your want HSTS (recommended)
    add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload";
    add_header X-Frame-Options SAMEORIGIN;
    add_header Content-Security-Policy upgrade-insecure-requests;

    server_name something.example.org;

# NOTE: For X-Real-IP & X-Forwarded-For see ../conf.d/rproxy.conf
# Behind CloudFlare see ../conf.d/cloudflare.conf

location / {
    proxy_pass http://localhost:8080/;
    }
}
etc: import from gh-pages 2014-12-27 10:09:00 +01:00			`server {`
			`listen 80;`
			`listen [::]:80;`
			`listen 443;`
			`listen [::]:443;`

nginx: HSTS: subdomains & preload 2015-07-22 11:55:51 +02:00			`# Enable this if your want HSTS (recommended)`
			`add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload";`
etc/nginx/sites-availble: add X-Frame-Options 2015-08-20 19:36:32 +02:00			`add_header X-Frame-Options SAMEORIGIN;`
nginx: add Upgrade Insecure Requests http://caniuse.com/#feat=upgradeinsecurerequests 2015-09-23 16:49:17 +02:00			`add_header Content-Security-Policy upgrade-insecure-requests;`
nginx: HSTS: subdomains & preload 2015-07-22 11:55:51 +02:00
etc: import from gh-pages 2014-12-27 10:09:00 +01:00			`server_name something.example.org;`

			`# NOTE: For X-Real-IP & X-Forwarded-For see ../conf.d/rproxy.conf`
			`# Behind CloudFlare see ../conf.d/cloudflare.conf`

			`location / {`
			`proxy_pass http://localhost:8080/;`
			`}`
			`}`