🎀Nginx 安全设置(禁止Iframe跨域访问、隐藏server、限制ip访问)
💖1.安装【headers-more-nginx-module】模块,自定义nginx头信息
📖2.禁止Iframe跨域请求
more_set_headers 'X-Frame-Options SAMEORIGIN';
📜3.隐藏头信息server
more_clear_headers 'server';
⭐4.ip访问拦截至500页面(并重写500页面,去除其中相关服务信息)
http中最前部分加入
server
{
listen 80;
listen 443 default_server;
server_name _;
ssl_certificate cert/test.crt;
ssl_certificate_key cert/test.key;
ssl_session_timeout 5m;
ssl_ciphers ****-****;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
error_page 497 400 502 503 = /50x.html;
location = /50x.html {
return 500 /50x.html;
}
return 500 /50x.html;
}
其中443端口配置时,需配置相关ssl配置(不需要443端口时,可不进行相关配置)(简单配置可参考:https://www.cnblogs.com/zktww/p/16085763.html)
🌟5.完整示例
#user nobody;
#解决权限问题
user root;
worker_processes auto;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
more_clear_headers 'server';
more_set_headers 'X-Frame-Options SAMEORIGIN';
sendfile on;
proxy_pass_header Server;
server
{
listen 80;
listen 443 default_server;
server_name _;
ssl_certificate cert/test.crt;
ssl_certificate_key cert/test.key;
ssl_session_timeout 5m;
ssl_ciphers ****-****;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
error_page 497 400 502 503 = /50x.html;
location = /50x.html {
return 500 /50x.html;
}
return 500 /50x.html;
}
#具体分发
include conf.d/test.conf;
}
结束
