Nginx 安全配置

    server {
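        listen       8089;
        # server_name is compared with the host part of the Host header, so it must
        # not carry a port; the port is set by "listen" only.
        server_name  10.5.210.203;
        #charset koi8-r;

        #access_log  logs/host.access.log  main;
        # Allow only TLS 1.2 and TLS 1.3; TLS 1.0 and 1.1 stay disabled.
        # NOTE(review): the "listen" line above has no "ssl" parameter and this
        # listing shows no certificate, so unless TLS is set up elsewhere this
        # server answers in plain HTTP and ssl_protocols has no effect on it.
        # Enabling TLS on the listener would look like:
        #   listen 8089 ssl;
        #   ssl_certificate     <path-to-certificate>;   # placeholder
        #   ssl_certificate_key <path-to-private-key>;   # placeholder
        ssl_protocols TLSv1.2 TLSv1.3;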
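        location / {
            # Response headers added to answer scanner findings of the form
            # "<header> missing". Keep every directive on a line of its own: nginx
            # treats everything after "#" as a comment, so a directive that shares
            # a line with its comment is silently ignored and the header is not sent.
            #
            # "always" also adds the header to error responses (4xx/5xx); without it
            # nginx adds headers only for a fixed list of success/redirect codes.
            #
            # add_header is inherited from the outer level only when a block defines
            # no add_header of its own, so a nested location that adds any header
            # must repeat this whole list.

            # Content-Security-Policy
            # NOTE(review): "*", 'unsafe-inline' and 'unsafe-eval' in default-src allow
            # scripts from any origin plus inline and eval'd code, so this value clears
            # the "header missing" finding but gives no real protection against XSS.
            # Tighten it towards "default-src 'self'" with explicit extra sources once
            # the application has been tested, e.g. by trialling the stricter policy
            # in a Content-Security-Policy-Report-Only header first.
            add_header Content-Security-Policy "default-src 'self' * 'unsafe-inline' 'unsafe-eval' blob: data: ;" always;

            # X-Frame-Options: only same-origin pages may frame this site (clickjacking).
            add_header X-Frame-Options SAMEORIGIN always;

            # X-XSS-Protection: legacy browser XSS filter. Current browsers no longer
            # implement it; it is kept for the scanner finding, CSP is the real control.
            add_header X-XSS-Protection "1; mode=block" always;

            # X-Permitted-Cross-Domain-Policies: no Flash/PDF cross-domain policy files.
            add_header X-Permitted-Cross-Domain-Policies none always;

            # X-Download-Options: old Internet Explorer must not open downloads in the
            # context of this site.
            add_header X-Download-Options noopen always;

            # X-Content-Type-Options: disable MIME type sniffing.
            add_header X-Content-Type-Options "nosniff" always;

            # Referrer-Policy: send only the origin, never the full URL.
            # NOTE(review): 'origin' is also sent on HTTPS -> HTTP navigation;
            # 'strict-origin-when-cross-origin' avoids that if it suits the site.
            add_header 'Referrer-Policy' 'origin' always;

            root   html;
            index  index.html index.htm;
        }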