added security.conf with higher precedence

fixes again #88
2025-08-25 04:01:25 +08:00 · 2019-05-22 19:31:08 +02:00
parent 9a15dcb7ca
commit 7fedd0a9db
4 changed files with 39 additions and 17 deletions
--- a/public/templates/conf/nginxconfig.io/general.conf.html
+++ b/public/templates/conf/nginxconfig.io/general.conf.html
@@ -1,20 +1,3 @@
-# security headers
-add_header X-Frame-Options "SAMEORIGIN" always;
-add_header X-XSS-Protection "1; mode=block" always;
-add_header X-Content-Type-Options "nosniff" always;
-add_header Referrer-Policy "{{ data.referrer_policy }}" always;<!--
-
-✔ CSP --><span ng-if="isCSP()">
-add_header Content-Security-Policy "{{ data.content_security_policy }}" always;</span><!--
-
-✔ HSTS--><span ng-if="hasCommonHSTS()">
-add_header Strict-Transport-Security "max-age=31536000{{ isHSTSSubdomains() ? '; includeSubDomains' : '' }}{{ isHSTSPreload() ? '; preload' : '' }}" always;</span>
-
-# . files
-location ~ /\.(?!well-known) {
-	deny all;
-}
-
 # favicon.ico
 location = /favicon.ico {
 	log_not_found off;<!--
--- a/public/templates/conf/nginxconfig.io/security.conf.html
+++ b/public/templates/conf/nginxconfig.io/security.conf.html
@@ -0,0 +1,16 @@
+# security headers
+add_header X-Frame-Options "SAMEORIGIN" always;
+add_header X-XSS-Protection "1; mode=block" always;
+add_header X-Content-Type-Options "nosniff" always;
+add_header Referrer-Policy "{{ data.referrer_policy }}" always;<!--
+
+✔ CSP --><span ng-if="isCSP()">
+add_header Content-Security-Policy "{{ data.content_security_policy }}" always;</span><!--
+
+✔ HSTS--><span ng-if="hasCommonHSTS()">
+add_header Strict-Transport-Security "max-age=31536000{{ isHSTSSubdomains() ? '; includeSubDomains' : '' }}{{ isHSTSPreload() ? '; preload' : '' }}" always;</span>
+
+# . files
+location ~ /\.(?!well-known) {
+	deny all;
+}