times_new_nginx/configuration/security.conf

add_header X-XSS-Protection          "1; mode=block" always;
add_header X-Content-Type-Options    "nosniff" always;
add_header Referrer-Policy           "no-referrer-when-downgrade" always;
add_header Content-Security-Policy   "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';" always;
add_header Permissions-Policy        "interest-cohort=()" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

#Запрещает доступ ко всем скрытым каталогам и файлам, кроме well-known (Let's Encrypt)
location ~ /\.(?!well-known) {
    deny all;
}
init commit 2024-09-03 21:00:49 +03:00			`add_header X-XSS-Protection "1; mode=block" always;`
			`add_header X-Content-Type-Options "nosniff" always;`
			`add_header Referrer-Policy "no-referrer-when-downgrade" always;`
			`add_header Content-Security-Policy "default-src 'self' http: https: ws: wss: data: blob: 'unsafe-inline'; frame-ancestors 'self';" always;`
			`add_header Permissions-Policy "interest-cohort=()" always;`
			`add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;`

update base 2024-09-18 00:27:00 +03:00			`#Запрещает доступ ко всем скрытым каталогам и файлам, кроме well-known (Let's Encrypt)`
init commit 2024-09-03 21:00:49 +03:00			`location ~ /\.(?!well-known) {`
			`deny all;`
			`}`